vserver development mailing list: Re: [vserver] security comparison between vserver and UML

Re: [vserver] security comparison between vserver and UML:
vserver development mailing list
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Nuno Silva (nuno.silva_at_vgertech.com)
Date: Fri 09 May 2003 - 05:04:44 BST

Previous message: Keith Smethers: "Re: [vserver] VServer production usage"
In reply to: Jacques Gelinas: "re: [vserver] security comparison between vserver and UML"
Next in thread: Sam Vilain: "Re: [vserver] security comparison between vserver and UML"

Jacques Gelinas wrote:
> On Fri, 9 May 2003 06:50:04 -0500, Mitchell Smith wrote

[..snip..]

>
>
>>Am just thinking in terms of UML running it's own kernel in userspace, vs a
>>system running in a chrooted environment. Which would be easier to break
>>out of?
>
>
> Probably the vserver
>

Actually, I find UML easier to break. If you have a UML kernel compiled
with module support it's piece of cake :) Anyway, that's a feature, not
a bug (really, not kidding! :) ).

And I never managed to break out of a vserver (with a limited /dev and
all capabilities disabled - as the default configuration recommends -,
of course).

Regards,
Nuno Silva

Previous message: Keith Smethers: "Re: [vserver] VServer production usage"
In reply to: Jacques Gelinas: "re: [vserver] security comparison between vserver and UML"
Next in thread: Sam Vilain: "Re: [vserver] security comparison between vserver and UML"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Fri 09 May 2003 - 05:20:59 BST by hypermail 2.1.3