Re: (pspace,pid) vs true pid virtualization

this is mandatory, as it is required to kill any process
from the host (admin) context, without entering the pid

space (which would lead to all kind of security issues)

Giving admin processes the ability to enter pid spaces seems like it
solves an entire class of problems, right?.  Could you explain a bit
what kinds of security issues it introduces?

Enter is not always possible.
For example when you have exhausted your resources in VPS.
(e.g. hit process limit inside).

And you can't make enter without resource limitations, since it will be a security hole then.

Kirill

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • (pspace,pid) vs true pid virtualization
    • From: "Serge E. Hallyn" <[email protected]>
  • Re: (pspace,pid) vs true pid virtualization
    • From: [email protected] (Eric W. Biederman)
  • Re: (pspace,pid) vs true pid virtualization
    • From: Herbert Poetzl <[email protected]>
  • Re: (pspace,pid) vs true pid virtualization
    • From: Dave Hansen <[email protected]>

• Prev by Date: Re: [PATCH 2/2] strndup_user (v3), convert (keyctl)
• Next by Date: Re: [PATCH 2.6.15.3 1/1] ACPI: Atlas ACPI driver
• Previous by thread: Re: (pspace,pid) vs true pid virtualization
• Next by thread: Re: (pspace,pid) vs true pid virtualization
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]