From: Kirill Korotaev <dev@sw.ru>
To: "Serge E. Hallyn" <serue@us.ibm.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
linux-kernel@vger.kernel.org, vserver@list.linux-vserver.org,
Alan Cox <alan@lxorguk.ukuu.org.uk>,
Dave Hansen <haveblue@us.ibm.com>,
Arjan van de Ven <arjan@infradead.org>,
Suleiman Souhlal <ssouhlal@FreeBSD.org>,
Hubertus Franke <frankeh@watson.ibm.com>,
Cedric Le Goater <clg@fr.ibm.com>,
Kyle Moffett <mrmacman_g4@mac.com>, Greg <gkurz@fr.ibm.com>,
Linus Torvalds <torvalds@osdl.org>, Andrew Morton <akpm@osdl.org>,
Greg KH <greg@kroah.com>, Rik van Riel <riel@redhat.com>,
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
Andrey Savochkin <saw@sawoct.com>,
Kirill Korotaev <dev@openvz.org>, Andi Kleen <ak@suse.de>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Jeff Garzik <jgarzik@pobox.com>,
Trond Myklebust <trond.myklebust@fys.uio.no>,
Jes Sorensen <jes@sgi.com>
Subject: Re: (pspace,pid) vs true pid virtualization
Date: Mon, 20 Feb 2006 12:54:36 +0300 [thread overview]
Message-ID: <43F991DC.8010509@sw.ru> (raw)
In-Reply-To: <20060216153729.GB22358@sergelap.austin.ibm.com>
>>this is mandatory, as it is required to kill any process
>>from the host (admin) context, without entering the pid
>>space (which would lead to all kind of security issues)
> Just to be clear: you think there should be cases where pspace x can
> kill processes in pspace y, but can't enter it?
YES! When you have resource management such a situation is quite common.
As I wrote in antoher email example:
VPS has reached it's process limit and you can't enter it.
If you suggest to make enter without resource limitations, then it will
be a security hole.
>>>- Should we be able to monitor a pid space from the outside?
>>
>>yes, definitely, but it could happen via some special
>>interfaces, i.e. no need to make it compatible
>
>
> What sort of interfaces do you envision for these two? If we
> can lay them out well enough, maybe the result will satisfy the
> openvz folks?
>
> For instance, perhaps we just use a proc interface, where in the
> current pspace, if we've created a new pspace which in our pspace
> is known as process 567, then we might see
>
> /proc
> /proc/567
> /proc/567/pspace
> /proc/567/pspace/1 -> link to /proc/567
> /proc/567/pspace/2
>
> Now we also might be able to interact with the pspace by doing
> something like
>
> echo -9 > /proc/567/pspace/2/kill
>
> and of course do things like
>
> cd /proc/567/pspace/1/root
uff... we can start calling ptrace etc. via proc then :)
UGLY! I think Linus will ban us for such ideas. And he will be right.
Kirill
next prev parent reply other threads:[~2006-02-20 10:01 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-15 14:59 (pspace,pid) vs true pid virtualization Serge E. Hallyn
2006-02-15 22:12 ` Eric W. Biederman
2006-02-16 14:29 ` Serge E. Hallyn
2006-02-16 16:37 ` Eric W. Biederman
2006-02-16 17:53 ` Serge E. Hallyn
2006-02-16 18:19 ` Eric W. Biederman
2006-02-16 18:44 ` Serge E. Hallyn
2006-02-16 18:52 ` Dave Hansen
2006-02-17 10:57 ` Eric W. Biederman
2006-02-17 11:44 ` Herbert Poetzl
2006-02-17 12:16 ` Eric W. Biederman
2006-02-17 12:44 ` Herbert Poetzl
2006-02-17 13:15 ` Eric W. Biederman
2006-02-17 13:39 ` Hubertus Franke
2006-02-17 21:40 ` Herbert Poetzl
2006-02-17 11:04 ` Eric W. Biederman
2006-02-20 10:06 ` Kirill Korotaev
2006-02-17 3:35 ` Hubertus Franke
2006-02-17 14:53 ` Serge E. Hallyn
2006-02-20 9:37 ` Kirill Korotaev
2006-02-20 12:47 ` Herbert Poetzl
2006-02-20 14:34 ` Kirill Korotaev
2006-02-20 15:27 ` Herbert Poetzl
2006-02-16 14:30 ` Herbert Poetzl
2006-02-16 15:37 ` Serge E. Hallyn
2006-02-16 17:13 ` Eric W. Biederman
2006-02-16 17:57 ` Serge E. Hallyn
2006-02-20 9:54 ` Kirill Korotaev [this message]
2006-02-20 18:19 ` Dave Hansen
2006-02-16 16:59 ` Eric W. Biederman
2006-02-16 17:41 ` Dave Hansen
2006-02-16 19:12 ` Herbert Poetzl
2006-02-16 19:38 ` Dave Hansen
2006-02-16 21:11 ` Sam Vilain
2006-02-20 10:10 ` Kirill Korotaev
2006-02-20 9:50 ` Kirill Korotaev
2006-02-20 13:00 ` Herbert Poetzl
2006-02-20 14:44 ` Kirill Korotaev
2006-02-20 15:36 ` Herbert Poetzl
2006-02-20 9:13 ` Kirill Korotaev
2006-02-20 18:07 ` Dave Hansen
2006-02-15 23:24 ` Sam Vilain
2006-02-16 5:50 ` Eric W. Biederman
2006-02-20 9:17 ` Kirill Korotaev
2006-02-20 20:01 ` Sam Vilain
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43F991DC.8010509@sw.ru \
--to=dev@sw.ru \
--cc=ak@suse.de \
--cc=akpm@osdl.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=benh@kernel.crashing.org \
--cc=clg@fr.ibm.com \
--cc=dev@openvz.org \
--cc=ebiederm@xmission.com \
--cc=frankeh@watson.ibm.com \
--cc=gkurz@fr.ibm.com \
--cc=greg@kroah.com \
--cc=haveblue@us.ibm.com \
--cc=jes@sgi.com \
--cc=jgarzik@pobox.com \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=mrmacman_g4@mac.com \
--cc=riel@redhat.com \
--cc=saw@sawoct.com \
--cc=serue@us.ibm.com \
--cc=ssouhlal@FreeBSD.org \
--cc=torvalds@osdl.org \
--cc=trond.myklebust@fys.uio.no \
--cc=vserver@list.linux-vserver.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox