LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Does Linux support multi-user?

Does Linux support multi-user?

Posted Jul 18, 2011 16:45 UTC (Mon) by geuder (subscriber, #62854)
In reply to: Does Linux support multi-user? by Klavs
Parent article: Reactive vs. pro-active kernel security

> but finally a solution in the mainline has come about - called lxc (Linux containers)

True, I forgot completely about that one. We have actually used it here in one project, but to isolate only one "untrusted guest" from the host system. Haven't thought about running tens of containers, but I could imagine that the overhead is pretty low especially compared to VMs.

But lxc would not help to get more consensus about these security "issues" this discussion started from. If the kernel were affected by some information disclosure or denial of service issues, in many cases the issue would not be limited to processes running inside the same container.

So the nice argument that within one container we can just talk about a single user system and don't worry that much about about information disclosure/denial of service/pro-active security would just not apply to many cases. No free lunch this time either :(



(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds