On Wed, May 10, 2006 at 02:46:34PM -0400, Fareha Shafique wrote:
> After asking various questions about unification, I don't think vhashify
> quite supports what I have in mind. I wanted to get some opinions/ideas
> from the users of this mailing list.
>
> I am thinking if vservers can somehow be used to provide MAC (Mandatory
> Access Control) through containers. For example, a vserver shares the
> same filesystem as the host server, with read and write access to the
> host files being defined through a set of MAC policies. In this way,
> different policies can be defined for different vservers. Also, writes
> can be contained within a vserver (so that if a file is written to, a
> copy is made in the vserver's space) and integrated with the host only
> through explicit 'commits' to allow, for example, new configurations to
> be tested in an environment exactly the same as the host server and then
> transferred to the host using a commit.
> Any comments please?
sounds interesting, any ideas how to realize this?
> Thanks.
> -FS
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Wed May 10 20:09:24 2006