[patch 0/1][NETNS49] Make af_unix autobind per namespace

Denis V. Lunev den at sw.ru
Wed Oct 3 01:14:07 PDT 2007


Daniel Lezcano wrote:
> Eric W. Biederman wrote:
>> Daniel Lezcano <dlezcano at fr.ibm.com> writes:
>>
>>> The following patch changes the autobind function to use the ordernum
>>> from the network namespace instead of using the local static variable.
>>
>> Why do we care?
>> Information leak?
>> Some application is expecting a predictable autobind value?
>>
>> Just skimming the code it looks like it will work correctly without
>> this.
> 
> I think my summary is ... too short :)
> 
> I don't see any applications taking care of this. If they ask for an
> abstract socket, then they don't care about the bind result. So
> probably, the patchset is totally useless.
> 
> But from the POV of the checkpoint/restart, we should check if this
> value is somewhere visible from userspace and so storable by an
> application.

We do not care about this in checkpointing. One namespace's socket does not
see another namespace's socket.

Regards,
	Den

