From: Bjoern Steinbrink (bjoern.steinbrink_at_isp4p.net)
Date: Fri 19 Mar 2004 - 23:14:21 GMT
On Fri, 2004-03-19 at 23:55, Christian Jung wrote:
> I did not find anything usefull in the groups. There was something
> that the proc filesystem is hidden for security reasons and that this
> can be
> changed with a tool. I did not really understand this, sorry.
As the procfs exposes some things that shouldn't be seen inside a
vserver, proc entries can be hidden, for stable they're visible by
default, for devel/exper. they're only visible in ctx 0 by default.
A paper on vproc security can be found here:
For the experimental patches you should use the util-vserver alpha tools
that come with a tool called setattr, i guess the vproc tool would work
as well but the changed flag logic would make the cli appear confusing.
There are no documented known-to-be-safe proc-visibility settings but
IIRC Bertl has posted some hints about good starting points on the list
> I know that this version is experimental and so is subject to fail.
You may want to use vs0.09.22, is quite stable for me and has some nifty
Vserver mailing list