On 07/18/2011 11:04 PM, Serge E. Hallyn wrote:
> (sorry, just realized postfix has been messing up my email, hope this
> comes through ok)
>
> Thanks, Pavel. I will take a look at this when I get a chance. I'm
> a little worried about security implications - this approach should
> lend itself (especially with the binfmt handler) to clean handling
> of security issues, but given the issues we've had with /proc things
> that already exist, I'm worried about the dump files. If you have
> any preemptive comments on that, please do share :)

As far as security is concerned - yes, this is a very tricky question.
Before we find out and fix all the possible security implications, I'd
suggest adding the

	if (!capable(CAP_SYS_ADMIN))
		return -EPERM;

check into the execve handler. :)

And I understand your worry about the dump files in /proc. I do not like
this thing either and am looking forward to your suggestions. I've asked
this question to Tejun, hopefully we'll work out a good solution.

> We did briefly try a binfmt handler at the very end of our foray into
> the ptrace checkpoint/restart approach, but your overall set here seems
> very nice.
>
> thanks,
> -serge

_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers