| |||||||||||||
CRtools 0.1 releasedCRtools 0.1 releasedPosted Jul 25, 2012 2:55 UTC (Wed) by theophrastus (guest, #80847)In reply to: CRtools 0.1 released by dskoll Parent article: CRtools 0.1 released
ah. so it's "security". protecting the system (as a whole) against users who have root access. thank you! i think that answers my question as well as i've been able to express it.
(Log in to post comments)
CRtools 0.1 released Posted Jul 25, 2012 12:17 UTC (Wed) by Lennie (subscriber, #49641) [Link]
It is like chroot yes.
LXC is a bit more flexible in what it can be I believe, but normally OpenVZ, Linux V-Server and other are like a seperate process- and filesystem-namespace with sometimes a seperate network stack (in the case of the filesystem, that just means, each container is a seperate directory).
Or as Jonathan Corbet described it on this site:
"Containers" can be thought of as a lightweight form of virtualization. Virtualized guests appear to be running on their own dedicated hardware; containers, instead, run on the host's kernel, but in an environment where they appear to have that kernel to themselves. The result is more efficient; it is typically possible to run quite a few more containerized guests than virtualized guests on a given system. The cost, from the user's point of view, is flexibility; since virtualized guests can run their own kernel, they can run any operating system while containerized guests are stuck with what the host is running."
|
|||||||||||||