From: Trond Myklebust Subject: Re: [RFC][PATCH 2/4] sunrpc: Use utsnamespaces Date: Tue, 06 Jan 2009 19:23:11 -0500 Message-ID: <1231287791.11487.4.camel@heimdal.trondhjem.org> References: <20090106011314.534653345@us.ibm.com> <20090106011314.961946803@us.ibm.com> <20090106200229.GA17031@us.ibm.com> <1231274682.20316.65.camel@heimdal.trondhjem.org> <20090106215831.GE18147@us.ibm.com> <1231281732.4173.6.camel@heimdal.trondhjem.org> <1231286930.14345.196.camel@localhost> <20090107002024.GJ13785@fieldses.org> Mime-Version: 1.0 Content-Type: text/plain Cc: Matt Helsley , "Serge E. Hallyn" , Linux Containers , linux-nfs@vger.kernel.org, Linux Kernel Mailing List , Chuck Lever , "Eric W. Biederman" , Linux Containers , Cedric Le Goater To: "J. Bruce Fields" Return-path: Received: from mx2.netapp.com ([216.240.18.37]:62309 "EHLO mx2.netapp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751438AbZAGAXa (ORCPT ); Tue, 6 Jan 2009 19:23:30 -0500 In-Reply-To: <20090107002024.GJ13785@fieldses.org> Sender: linux-nfs-owner@vger.kernel.org List-ID: On Tue, 2009-01-06 at 19:20 -0500, J. Bruce Fields wrote: > If it would be possible, for example, for the 'init' namespace to have > no network interfaces at all, then it would be nicer to use a name > that's at least been used with nfs at *some* point--just on the general > principle of not leaking information to a domain that the user wouldn't > expect it to. Then RPC would fail. Thanks to the limitations imposed by selinux & friends, all RPC sockets have to be owned by the init process. -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@netapp.com www.netapp.com