
What it's for

Posted Nov 7, 2007 18:30 UTC (Wed) by corbet (editor, #1)
In reply to: Process IDs in a multi-namespace world by samroberts
Parent article: Process IDs in a multi-namespace world

The idea behind containers is to give the contained processes the illusion of having the system to themselves. It's a security and isolation thing; in a complete container implementation it should be possible to give root privileges to a contained process and not have problems outside of the container. That clearly would not be the case if contained processes could see (and operate upon) processes running elsewhere in the system.


What it's for

Posted Nov 7, 2007 21:59 UTC (Wed) by samroberts (guest, #46749)

OK, that could be useful, maybe.

But don't the many flavors of LSM we've seen endlessly discussed solve the problem of what processes can do, and to whom?

Containers to associate processes together to be managed as a group strategy (scheduling priority, permissions, etc) makes sense to me, but doesn't seem to need pid hiding.

Just making processes invisible to each other by pid seems a bit fishy as a security mechanism. It reminds me of using chroot for security, which seems to be in disrepute:

http://kerneltrap.org/Linux/Abusing_chroot

Or is it more just lightweight virtualization?


What it's for

Posted Nov 8, 2007 0:45 UTC (Thu) by i3839 (guest, #31386)

There are quite a lot of system calls taking a pid as argument, so isolating processes' pids has the effect of containing those calls. To name a couple of important ones, ptrace(2) and kill(2).
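As an added illustration of that point (example code written for this thread, not from the article or any commenter), the program below clones a child into a fresh pid namespace and records what pid-taking calls see from inside; the names `pid_namespace_demo`, `ns_view` and `child_fn` are chosen here. It assumes a Linux kernel that allows an unprivileged process to create user and pid namespaces, and reports -1 rather than a result where that is refused.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <sys/wait.h>
#include <unistd.h>

/* What a process sees from inside the new pid namespace. */
struct ns_view {
    pid_t outer_pid;   /* parent's pid in the original namespace (filled in by the parent) */
    pid_t inner_pid;   /* getpid() inside the namespace: expected 1 */
    pid_t inner_ppid;  /* getppid() inside: 0, because the parent lives outside and is invisible */
    int   kill_errno;  /* errno from kill(outer_pid, 0) inside: expected ESRCH */
};

struct child_arg { pid_t outer_pid; int pipefd; };

static int child_fn(void *arg) {
    struct child_arg *a = arg;
    struct ns_view v = { .outer_pid = a->outer_pid };
    v.inner_pid  = getpid();
    v.inner_ppid = getppid();
    /* Signal 0 only checks existence and permission. The outer pid is not a
       valid pid in this namespace, so the lookup fails with ESRCH: kill(2) is contained. */
    v.kill_errno = (kill(a->outer_pid, 0) == -1) ? errno : 0;
    return write(a->pipefd, &v, sizeof v) == sizeof v ? 0 : 1;
}

/* Clone a child into a new pid namespace and collect its view of the world.
   Returns 0 on success, -1 if the kernel or sandbox refuses new namespaces. */
int pid_namespace_demo(struct ns_view *out) {
    int fds[2];
    static char stack[64 * 1024];   /* child stack; clone() wants its top on this architecture family */
    if (pipe(fds) == -1) return -1;
    struct child_arg a = { .outer_pid = getpid(), .pipefd = fds[1] };
    /* CLONE_NEWUSER first gives an unprivileged caller the capabilities needed
       to create the pid namespace; SIGCHLD makes waitpid() behave as after fork(). */
    pid_t child = clone(child_fn, stack + sizeof stack,
                        CLONE_NEWUSER | CLONE_NEWPID | SIGCHLD, &a);
    if (child == -1) { close(fds[0]); close(fds[1]); return -1; }
    close(fds[1]);
    /* The reverse direction is not hidden: from the original namespace the child
       is addressable by its outer pid (a not-yet-reaped zombie still exists). */
    int visible_from_outside = (kill(child, 0) == 0);
    ssize_t n = read(fds[0], out, sizeof *out);
    close(fds[0]);
    waitpid(child, NULL, 0);
    return (n == (ssize_t)sizeof *out && visible_from_outside) ? 0 : -1;
}
```

The asymmetry is the security-relevant part: the parent can still signal, trace and reap the contained child, while the child cannot even name processes outside its namespace.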


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds