Message-Id: <201009290609.33773.remi@remlab.net>
Date:	Wed, 29 Sep 2010 06:09:33 +0300
From:	"Rémi Denis-Courmont" <remi@...lab.net>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Linux Containers <containers@...ts.osdl.org>
Cc:	netdev@...r.kernel.org
Subject: Re: [ABI REVIEW][PATCH 0/8] Namespace file descriptors

(Trimming To/Cc heavily)

   Hello,

On Thursday 23 September 2010, Eric W. Biederman wrote:
> Introduce file for manipulating namespaces and related syscalls.
> files:
> /proc/self/ns/<nstype>
> 
> syscalls:
> int setns(unsigned long nstype, int fd);
> socketat(int nsfd, int family, int type, int protocol);
> 
> Netlink attribute:
> IFLA_NS_FD int fd.

I have not reviewed the code, but that seems quite nice. At Nokia, we already 
use network namespaces to implement the Multimedia Message Service. 
Inconveniently enough, that is HTTP/TCP/IP in a dedicated IP namespace. 
Similarly, I expect this could be useful to implement the IMS, if/when mobile 
operators start using it (that does not mean Nokia will or will not do it).

Using netns, we avoided overlapping with the normal Internet connectivity. 
setns() would be much more convenient than fork()+unshare().

-- 
Rémi Denis-Courmont
http://www.remlab.net/