User: Password:
|
|
Subscribe / Log in / New account

Capabilities in 2.6

Capabilities in 2.6

Posted Apr 8, 2004 22:29 UTC (Thu) by Klavs (guest, #10563)
Parent article: Capabilities in 2.6

I would note, that I've used vserver for quite some time on 2.4 (and pathces are in dev -and released in alpha-state, for 2.6 - using them on my laptop) to enable exactly this capability handling. Vserver strips ALL capabilities - even from root - but you can very easily add a capability pr. vserver - and as you are supposed to run each service in a seperate vserver (this has no notable overhead), you could easily add the mentioned capability to the vserver running oracle.

Vserver works rather simply - and does not reserve memory for each vserver etc. this makes it very lightweight. see http://www.linux-vserver.org
Perhaps the kernel coders should have a look at how the capabilities are used there? - as it works rather well.


(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds