Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id <S277829AbRJRRJW>; Thu, 18 Oct 2001 13:09:22 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org
	id <S277808AbRJRRJC>; Thu, 18 Oct 2001 13:09:02 -0400
Received: from mail3.svr.pol.co.uk ([195.92.193.19]:19776 "EHLO
	mail3.svr.pol.co.uk") by vger.kernel.org with ESMTP
	id <S277827AbRJRRIu>; Thu, 18 Oct 2001 13:08:50 -0400
Posted-Date: Thu, 18 Oct 2001 08:11:44 GMT
Date: Thu, 18 Oct 2001 09:11:44 +0100 (BST)
From: Riley Williams <rhw@MemAlpha.cx>
Reply-To: Riley Williams <rhw@MemAlpha.cx>
To: Jacques Gelinas <jack@solucorp.qc.ca>
cc: Linux Kernel <linux-kernel@vger.kernel.org>
Subject: re: re: Re: Announce: many virtual servers on a single box
In-Reply-To: <20011015215151.7f22bbebdea7@remtk.solucorp.qc.ca>
Message-ID: <Pine.LNX.4.21.0110180908510.4173-100000@Consulate.UFP.CX>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

Hi Jacques.

>>>> You might want to announce this on bugtraq. [And give solar
>>>> designer root account, he might be more creative ;)].

>>> You don't understand the issue. Anyone can create his own vserver.
>>> The system call controlling this are very simple. It is not a "try
>>> to crack my machine" contest. Anyone can create a vserver and test
>>> it.

>> But can you crack your way OUT of the vserver - how confident are you
>> in the isolation provided?

> Highly. Bug pending.

> The concept is both very simple and sound

...

> 	set_ipv4root to tie all processes in a vserver to one IP.

How well does this work on an ipv6 only box?

Best wishes from Riley.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/