[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: chroot administration



On Wed, 14 Aug 2002 05:35, Shaya Potter wrote:
> On Tue, 2002-08-13 at 22:09, Colin Walters wrote:
> > On Tue, 2002-08-13 at 17:48, Russell Coker wrote:
> > > I have written SE Linux policy for administration of a chroot
> > > environment. That allows me to give full root administration access
> > > (ability to create/delete users, kill processes running under different
> > > UIDs, ptrace, etc) to a chroot environment without giving any access to
> > > the rest of the system.
> >
> > Since no one else has apparently said it explictly yet, I have to say
> > that's extremely cool :)

Thanks Colin.

> argh. its so cool that you essentially stole my summer research. :(.
> Does this allow you to create any amount of chroot jails?  We are also

It allows the administrator to create any number of chroot jail setups for a 
given user, and they can set them up for as many users as they like.

> working on making "virtual IPs" that each jail would get.  We are also
> working on being able to move the processes while running (w/ network
> connections) from machine to machine w/o needing any state on initial
> machine.

I am not planning to work on moving processes etc.

If you'd like to build on top of my work then you are welcome, it'll all be 
in Debian in a few days.

-- 
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.



Reply to: