Re: chroot administration
btw, when I said "stole" i didnt mean it to be harsh. sorry if it came
off that way.
shaya
On Wed, 2002-08-14 at 04:26, Russell Coker wrote:
> On Wed, 14 Aug 2002 05:35, Shaya Potter wrote:
> > On Tue, 2002-08-13 at 22:09, Colin Walters wrote:
> > > On Tue, 2002-08-13 at 17:48, Russell Coker wrote:
> > > > I have written SE Linux policy for administration of a chroot
> > > > environment. That allows me to give full root administration access
> > > > (ability to create/delete users, kill processes running under different
> > > > UIDs, ptrace, etc) to a chroot environment without giving any access to
> > > > the rest of the system.
> > >
> > > Since no one else has apparently said it explictly yet, I have to say
> > > that's extremely cool :)
>
> Thanks Colin.
>
> > argh. its so cool that you essentially stole my summer research. :(.
> > Does this allow you to create any amount of chroot jails? We are also
>
> It allows the administrator to create any number of chroot jail setups for a
> given user, and they can set them up for as many users as they like.
>
> > working on making "virtual IPs" that each jail would get. We are also
> > working on being able to move the processes while running (w/ network
> > connections) from machine to machine w/o needing any state on initial
> > machine.
>
> I am not planning to work on moving processes etc.
>
> If you'd like to build on top of my work then you are welcome, it'll all be
> in Debian in a few days.
>
> --
> I do not get viruses because I do not use MS software.
> If you use Outlook then please do not put my email address in your
> address-book so that WHEN you get a virus it won't use my address in the
> >From field.
Reply to: