lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <50ACA05F.7080005@gmail.com>
Date:	Wed, 21 Nov 2012 17:35:27 +0800
From:	Rui Xiang <leo.ruixiang@...il.com>
To:	"Serge E. Hallyn" <serge@...lyn.com>
CC:	serge.hallyn@...onical.com, containers@...ts.linux-foundation.org,
	netdev@...r.kernel.org, "Eric W. Biederman" <ebiederm@...ssion.com>
Subject: Re: [PATCH RFC 0/5] Containerize syslog

On 2012-11-19 22:37, Serge E. Hallyn wrote:
> Quoting Rui Xiang (leo.ruixiang@...il.com):
>> From: Xiang Rui <rui.xiang@...wei.com>
>>
>> In Serge's patch (http://lwn.net/Articles/525629/), syslog_namespace was tied to a user
>> namespace. We add syslog_ns tied to nsproxy instead, and implement ns_printk in
>> ip_table context.
> 
> Since you say 'we', I'm just wondering, which project is this a part of?
> 

Hi,Serge

Thank you for your attention.

We may use container in our company, and one of the missing part we found is syslog
isolation (though we require this feature or not is not sure at this moment), so we
made this patchset.

>> We add syslog_namespace as a part of nsproxy, and a new flag CLONE_SYSLOG to unshare
>> syslog area.
> 
> Thanks, looks like you save me the time of having to add some users of
> nsprintk :)
> 
> I understand that user namespaces aren't 100% usable yet, but looking
> long term, is there a reason to have the syslog namespace separate
> from user namespace?

Actually we don't have strong preference. We'll think more about it. Hope we can make
consensus with Eric.

Thanks,
Rui Xiang
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ