
Interference from user space


Posted Mar 1, 2024 23:40 UTC (Fri) by mjg59 (subscriber, #23239)
In reply to: Interference from user space by NYKevin
Parent article: A sandbox mode for the kernel

Run the userspace helper in an entirely disjoint set of namespaces that aren't children of anything running elsewhere? (Would this work? I assume PIDs end up being screwy in some way, but you could special-case this namespace in the ptrace and signal path and maybe that would be good enough.)



Interference from user space

Posted Mar 2, 2024 23:14 UTC (Sat) by NYKevin (subscriber, #129325)

What does the namespace data structure look like? Is there any code path that tries to recursively enumerate the whole set of namespaces (for some particular kind of namespace)?

I tend to imagine that, at a minimum, there must be some code path that reclaims unreachable namespaces when the last process in them dies...

Interference from user space

Posted Mar 5, 2024 23:12 UTC (Tue) by laarmen (subscriber, #63948)

Wouldn't simple refcounting work to reclaim unreachable namespaces?


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds