Recent Features
| |||||||||||||
What it's forWhat it's forPosted Nov 7, 2007 18:30 UTC (Wed) by corbet (editor, #1)In reply to: Process IDs in a multi-namespace world by samroberts Parent article: Process IDs in a multi-namespace world The idea behind containers is to give the contained processes the illusion of having the system to themselves. It's a security and isolation thing; in a complete container implementation it should be possible to give root privileges to a contained process and not have problems outside of the container. That clearly would not be the case if contained processes could see (and operate upon) processes running elsewhere in the system.
(Log in to post comments)
What it's for Posted Nov 7, 2007 21:59 UTC (Wed) by samroberts (subscriber, #46749) [Link] OK, that could be useful, maybe. But don't the many flavors of LSM we've seen endlessly discussed solve the problem of what processes can do, and to whom? Containers to associate processes together to be managed as a group strategy (scheduling priority, permissions, etc) makes sense to me, but doesn't seem to need pid hiding. Just making processes invisible to each other by pid seems a bit fishy as a security mechanism. It reminds me of using chroot for security, which seems to be in disrepute: http://kerneltrap.org/Linux/Abusing_chroot Or is it more just lightweight virtualization?
What it's for Posted Nov 8, 2007 0:45 UTC (Thu) by i3839 (guest, #31386) [Link] There are quite a lot systemcalls taking a pid as argument, so isolating processes' pids has the effect of containing those calls. To name a couple important ones, ptrace(2) and kill(2).
|
|||||||||||||