vserver development mailing list: Re: [Vserver] fdisk in vserver

Re: [Vserver] fdisk in vserver:
vserver development mailing list
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Jon Bendtsen (jon707_at_kollegiegaarden.dk)
Date: Fri 05 Dec 2003 - 11:50:52 GMT

Previous message: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"
In reply to: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"
Next in thread: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"
Reply: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"

On Friday 05 December 2003 12:41, Dariush Pietrzak wrote:

[cut]

> and it should look roughly similiar in most vservers. You should
> use vserver-utils for creating vservers, I use
> debian-newvserver.sh, try vserver-copy etc..
> Maybe it's shocking but security in vserver is based on not giving
> access to /dev nodes -> 1) dangerous devs are removed from /dev, 2)
> mount syscall is blocked 3) mknod is blocked. This is rougly
> similiar to security on unix. ( If you could create your own
> devnodes, or mount filesystems you could easily get full access to
> the system ).

Why does a vserver need access to block devices?

JonB

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Previous message: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"
In reply to: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"
Next in thread: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"
Reply: Dariush Pietrzak: "Re: [Vserver] fdisk in vserver"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Fri 05 Dec 2003 - 11:52:39 GMT by hypermail 2.1.3