Re: [vserver] Like vps, see network connection for all guests, e.g. vnetstat?

From: Michael S. Zick <mszick_at_morethan.org>
Date: Thu 21 Oct 2010 - 13:29:59 BST
Message-Id: <201010210730.01473.mszick@morethan.org>

On Thu October 21 2010, Herbert Poetzl wrote:
> On Thu, Oct 21, 2010 at 09:59:50AM +0200, Ghislain wrote:
> > > If you have enabled guest privacy in your kernel, the spectator
> > > context is essentially useless, and things like this can't
> > > really be done without looping through the guests.
>
> > I was wondering about the real thing that guest privacy does.
>
> #ifdef CONFIG_VSERVER_PRIVACY
> #define VS_ADMIN_P (0)
> #define VS_WATCH_P (0)
> #else
>
> > Does it just prevent the spectator context?
>
> it prevents the spectator context and the admin
> functionality in all cases which are privacy
> sensitive, which includes:
>
> - ptrace
> - devmapper
> - devpts
> - inode tag permissions
> - mountinfo
> - kill/signal
> - netlink dumps
> - tun control
> - iopriority
>
> > What security does it bring to the system?
>
> together with the VXF_STATE_ADMIN it can be
> used to secure a guest (to some degree) from
> unwanted access from the host admin, of course,
> as the admin can change the kernel, this is a
> voluntary feature which mostly prevents certain
> kinds of accidental peeking or guest modification
>

Nice description.

Sort of like bullet-proof shoes so that shooting
yourself in the foot has less chance of real harm. ;-)

---
I personally only use Linux-VServer on my local machines; but
my public web-site http://minimodding.com is running in a L-VS
context operated by Dream Host.
Mike
> HTC,
> Herbert
> 
> > -- 
> > Cordialement,
> > Ghislain
> 
Received on Thu Oct 21 13:30:17 2010
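To make the #ifdef in Herbert's reply concrete, here is a small stand-alone model of what that switch does to a context access check. This is added illustration, not Linux-VServer's own code: the check function, the operation names and the choice of context id 0 for the host and 1 for the spectator are assumptions made for the example. The kernel selects the masks at compile time with CONFIG_VSERVER_PRIVACY; the model takes the switch as a runtime argument so both builds can be compared in one program.

```c
/* Added example, not Linux-VServer code: model of how zeroing the
 * VS_ADMIN_P / VS_WATCH_P masks (CONFIG_VSERVER_PRIVACY) closes the
 * host and spectator contexts out of privacy-sensitive operations
 * while leaving non-sensitive operations untouched. */
#include <stdio.h>

/* Assumed context layout: 0 is the host/admin, 1 the spectator. */
#define HOST_XID      0
#define SPECTATOR_XID 1

#define VS_ADMIN 0x0001   /* host context may pass the check */
#define VS_WATCH 0x0002   /* spectator context may pass the check */
#define VS_IDENT 0x0010   /* the target's own context may pass */

/* Simplified access check: may a caller running in context `cur`
 * act on an object belonging to context `target` under `mode`? */
static int vs_check(int cur, int target, unsigned mode)
{
    if ((mode & VS_IDENT) && cur == target)
        return 1;
    if ((mode & VS_ADMIN) && cur == HOST_XID)
        return 1;
    if ((mode & VS_WATCH) && cur == SPECTATOR_XID)
        return 1;
    return 0;
}

/* The "_P" masks: VS_ADMIN and VS_WATCH normally, 0 when privacy is
 * compiled in. In the kernel this is the #ifdef; here it is a flag. */
static unsigned privacy_masks(int privacy)
{
    return privacy ? 0 : (VS_ADMIN | VS_WATCH);
}

/* Privacy-sensitive path (the kind of thing in Herbert's list, e.g.
 * signal delivery): uses the _P masks, so only the guest itself gets
 * through once privacy is enabled. */
int may_signal(int cur, int target, int privacy)
{
    return vs_check(cur, target, VS_IDENT | privacy_masks(privacy));
}

/* Non-sensitive path: keeps the plain masks, unaffected by privacy. */
int may_list(int cur, int target, int privacy)
{
    (void)privacy;
    return vs_check(cur, target, VS_IDENT | VS_ADMIN | VS_WATCH);
}

int main(void)
{
    const int guest = 5;        /* constructed sample guest xid */
    const int other_guest = 7;  /* constructed sample unrelated guest */
    int privacy;

    for (privacy = 0; privacy <= 1; privacy++) {
        printf("CONFIG_VSERVER_PRIVACY=%s\n", privacy ? "y" : "n");
        printf("  host      -> guest: signal=%d list=%d\n",
               may_signal(HOST_XID, guest, privacy),
               may_list(HOST_XID, guest, privacy));
        printf("  spectator -> guest: signal=%d list=%d\n",
               may_signal(SPECTATOR_XID, guest, privacy),
               may_list(SPECTATOR_XID, guest, privacy));
        printf("  guest     -> guest: signal=%d list=%d\n",
               may_signal(guest, guest, privacy),
               may_list(guest, guest, privacy));
        printf("  other     -> guest: signal=%d list=%d\n",
               may_signal(other_guest, guest, privacy),
               may_list(other_guest, guest, privacy));
    }
    return 0;
}
```

The point the model makes is the one in the thread: privacy removes the host and spectator shortcuts only where the kernel uses the `_P` masks, so a tool that walks every guest through the spectator context stops working for those operations, and the remaining guard is that the host admin can still rebuild the kernel without the option.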
Generated on Thu 21 Oct 2010 - 13:30:17 BST by hypermail 2.1.8