vserver development mailing list: Re: [Vserver] /proc must be mounted error

Re: [Vserver] /proc must be mounted error:
vserver development mailing list
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Enrico Scholz (enrico.scholz_at_informatik.tu-chemnitz.de)
Date: Tue 23 Mar 2004 - 02:20:16 GMT

Previous message: Herbert Poetzl: "Re: [Vserver] patches for 2.6.4 / 2.6.5-rc2 ?"
In reply to: Gregory (Grisha) Trubetskoy: "Re: [Vserver] /proc must be mounted error"

grisha_at_ispol.com ("Gregory (Grisha) Trubetskoy") writes:

>> http://savannah.nongnu.org/cgi-bin/viewcvs/util-vserver/util-vserver/distrib/misc/vprocunhide-files?rev=HEAD
>
> Would you consider this a pretty safe list of things to be visible in
> a vserver?

It is probably too restrictive and removes too much entries. I am
currently aware of only two /proc entries which are not covered by
linux capabilities: sysrq-triggers and scsi. Else, I do not see a
reason to hide other entries since this can destroy functionality for
highly privileged vservers (e.g. VPN/firewall-setup vservers).

List above is something like a proof-of-concept data for the vprocunhide
script and can be overridden locally.

Enrico
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

Previous message: Herbert Poetzl: "Re: [Vserver] patches for 2.6.4 / 2.6.5-rc2 ?"
In reply to: Gregory (Grisha) Trubetskoy: "Re: [Vserver] /proc must be mounted error"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 23 Mar 2004 - 02:21:01 GMT by hypermail 2.1.3