On Wed, May 10, 2006 at 02:46:34PM -0400, Fareha Shafique wrote: > After asking various questions about unification, I don't think vhashify > quite supports what I have in mind. I wanted to get some opinions/ideas > from the users of this mailing list. > > I am thinking if vservers can somehow be used to provide MAC (Mandatory > Access Control) through containers. For example, a vserver shares the > same filesystem as the host server, with read and write access to the > host files being defined through a set of MAC policies. In this way, > different policies can be defined for different vservers. Also, writes > can be contained within a vserver (so that if a file is written to, a > copy is made in the vserver's space) and integrated with the host only > through explicit 'commits' to allow, for example, new configurations to > be tested in an environment exactly the same as the host server and then > transferred to the host using a commit.
> Any comments please? sounds interesting, any ideas how to realize this? > Thanks. > -FS > _______________________________________________ > Vserver mailing list > Vserver@list.linux-vserver.org > http://list.linux-vserver.org/mailman/listinfo/vserver _______________________________________________ Vserver mailing list Vserver@list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver