|
|
Subscribe / Log in / New account

Does Linux support multi-user?

Does Linux support multi-user?

Posted Jul 18, 2011 9:45 UTC (Mon) by Klavs (guest, #10563)
In reply to: Does Linux support multi-user? by mathstuf
Parent article: Reactive vs. pro-active kernel security

Linux had vserver (an external patch) for many years - but finally a solution in the mainline has come about - called lxc (Linux containers) - http://lxc.teegra.net/ - it's actually pretty easy to setup IMHO

to post comments

Does Linux support multi-user?

Posted Jul 18, 2011 16:45 UTC (Mon) by geuder (subscriber, #62854) [Link]

> but finally a solution in the mainline has come about - called lxc (Linux containers)

True, I forgot completely about that one. We have actually used it here in one project, but to isolate only one "untrusted guest" from the host system. Haven't thought about running tens of containers, but I could imagine that the overhead is pretty low especially compared to VMs.

But lxc would not help to get more consensus about these security "issues" this discussion started from. If the kernel were affected by some information disclosure or denial of service issues, in many cases the issue would not be limited to processes running inside the same container.

So the nice argument that within one container we can just talk about a single user system and don't worry that much about about information disclosure/denial of service/pro-active security would just not apply to many cases. No free lunch this time either :(




Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds