From: Alex Lyashkov (shadow_at_psoft.net)
Date: Tue 07 Oct 2003 - 05:50:34 BST
On Tuesday 07 October 2003 03:34, Jacques Gelinas wrote:
> Hello!
>
> I have released for testing kernel 2.4.22ctx-18 pre1. As the name implies
> this is a test release. I am also releasing vserver 0.24.
>
> You can find the stuff at ftp.solucorp.qc.ca/pub/vserver/testing. There is
> a patch against kernel 2.4.22 and the tar file for vserver 0.24. No
> binaries.
>
> What is ctx-18. It could be the last version before we jump to the new
> virtual syscall strategy. What is new in it.
>
> chrootsafe
>
> This is a new system call that unlike chroot, can't be escaped.
> The system call does various things
>
> -Change the current directory as well as the root directory.
>
> -Fails if there is any open directory
>
> -Keep a pointer on the new root parent to create a no man land
> (like done with chmod 000 /vservers before).
>
> Using this new system call, chmod 000 is not needed anymore and we can
> support vservers inside vservers.
why don`t use private namespace ?
-- With best regards, Alex