From: Chris Wright (chrisw_at_osdl.org)
Date: Fri 07 Nov 2003 - 20:08:28 GMT
* Chandra Seetharaman (sekharan_at_us.ibm.com) wrote:
>
> But, integrating CKRM and vserver might not add more value and provide
> unneccessary burden for somebody that want sees value in only one of them.
I agree, a clean sepearation will help each project thrive indepently, IMHO.
> With CKRM design this can be easily done. RBCE can be extended to allow
> rules that can be defined to classify tasks based on their security
> context. And by limiting the resource shares used by each class, one
> can control how much resource a particular security context uses.
This would be useful for LSM as well. It's how we had looked at using
CKRM.
thanks,
-chris
-- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ Vserver mailing list Vserver_at_list.linux-vserver.org http://list.linux-vserver.org/mailman/listinfo/vserver