On Thu, Sep 07, 2006 at 08:09:38PM +0400, Kirill Korotaev wrote: > >>imho this in acceptable for OpenVZ as makes VE files to be > >>inaccessiable from host. At least this is how I understand your > >>idea... Am I correct? > >> > >> > >>>I assume the list of other things we'll need to consider includes > >>> signals between user namespaces > >>> keystore > >>> sys_setpriority and the like > >>>I might argue that all of these should be sufficiently protected > >>>by proper setup by userspace. Can you explain why that is not > >>>the case? > > > > > >>The same requirement (ability to send signals from host to VE) > >>is also applicable to signals. > > > > > >at some point, we tried to move all cross context > >signalling (from the host to the guests) into a special > >context, but later on we moved away from that, because > >it was much simpler and more intuitive to handle the > >signalling with a separate syscall command > I'm not sure what a separate context is for, but a separate syscall > is definetely not a good idea. care to explain _why_ you think so? > >what I want to point out here is, that things like > >sending signals across namespaces is something which > >is not required to make this work > well, people have different requirements... of course, it's all about 'different' requirements ... TIA, Herbert > Kirill