[PATCH 11/15] Signal semantics

Pavel Emelyanov xemul at openvz.org
Mon Jul 30 02:31:44 PDT 2007


[snip]

>> | Maybe it's worth disabling cross-namespaces ptracing...
>>
>> I think so too. Its probably not a serious limitation ?
> 
> Several people think we will implement 'namespace entering' through a
> ptrace hack, where maybe the admin ptraces the init in a child pidns,

Why not implement namespace entering w/o any hacks? :)

> makes it fork, and makes the child execute what it wants (i.e. ps -ef).
> 
> You're talking about killing that functionality?

No. We're talking about disabling the things that are not supposed 
to work at all.

> -serge
> 



More information about the Containers mailing list