Re: [Vserver] [Release] Stable 2.2.0 : where is the changelog?

From: Daniel Hokka Zakrisson <daniel_at_hozac.com>
Date: Wed 04 Apr 2007 - 15:34:42 BST
Message-ID: <4613B782.2030702@hozac.com>

Guillaume Pratte wrote:
> Thanks for the change log Daniel.
>
> Something is solliciting my curiosity though:
>
> - privacy for guests, which will hide things from xid 1
>
> I am not sure I am found of that "privacy" thing.

That's why it's configurable ;-)

> Isn't xid 1 the monitoring context?

Yes.

> Isn't supposed to be able to see everything in the system?

Well, not if you want to protect the guests from the host.

> For instance, if I remember correctly, vserver-stat uses xid 1
> to mesure the memory usage of each vserver...

In older versions/kernels, yeah. But that's already rather broken by design.

> Maybe it's an irrational fear, but it seems to me like an invitation to
> root kits... With this privacy option, how will we be able to precisely
> account the memory usage of each vserver?

vserver-stat in util-vserver 0.30.213 doesn't use xid 1 anymore (if you
have a recent enough kernel that has the accounting APIs).

-- 
Daniel Hokka Zakrisson
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Wed Apr 4 16:23:55 2007
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Wed 04 Apr 2007 - 16:23:59 BST by hypermail 2.1.8