Re: prevent breaking a chroot() jail?

Alan Cox (alan@lxorguk.ukuu.org.uk)
Fri, 5 Jul 2002 22:15:07 +0100 (BST)


> ISTR UML had some security problems (guest processes being able to disrupt
> host processes or just guest processes being able to disrupt other guest
> processes). Have those been resolved yet?

Yes

> Do people use it in production? Last I heard someone had evaluated it, it
> had ended up consuming way too much CPU per "jail" for whatever reason.
> Perhaps things are better already...

It needs some work, and probably ultimately a couple of assists to
do sigaltmm and VM style pagex
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/