On Sat, May 28, 2005 at 09:25:51PM +0200, Bodo Eggert wrote: > On Sat, 28 May 2005, gary ng wrote: > > > I am testing out vserver(1.2.10 on 2.4, not ready for > > 2.6 yet because of stability issue unrelated to > > vserver) and I am wondering what is the impact of > > giving CAP_SYS_ADMIN to it. > > > > Without it, I cannot mount within vserver but I see > > mount as a legitimate use like mounting CIFS/NFS or > > FUSE related file systems. > > You can also mount filesystems containing device nodes. This would give > you root access to the host. > > Secure user mounts are planned in the vanilla kernel, maybe they can be > adopted for vservers.
2.6/1.9.x and 2.0-* already support 'secure' mounts inside a vserver guest ... best, Herbert > -- > Top 100 things you don't want the sysadmin to say: > 45. Was that YOUR directory? > _______________________________________________ > Vserver mailing list > [email protected] > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
