Re: Linux 3.2 in wheezy

To: debian-devel@lists.debian.org
Subject: Re: Linux 3.2 in wheezy
From: md@Linux.IT (Marco d'Itri)
Date: Sat, 4 Feb 2012 17:15:26 +0100
Message-id: <[🔎] 20120204161526.GA8788@bongo.bofh.it>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20120203113103.GA16544@wavehammer.waldi.eu.org>
References: <20120129182205.GR12704@decadent.org.uk> <1327867067.13223.3.camel@hidalgo> <1327872371.5400.375.camel@deadeye> <20120130004459.GA22039@angband.pl> <20120130013115.GB19215@bongo.bofh.it> <[🔎] 20120203113103.GA16544@wavehammer.waldi.eu.org>

On Feb 03, Bastian Blank <waldi@debian.org> wrote:

> > http://blog.bofh.it/debian/id_413
> This example shows nothing new. If you have CAP_SYS_MOUNT, you can also
> just mount the root filesystem into your own tree.
> 
> Linux-VServer does not help against processes with too much
> capabilities, not sure about OpenVZ.
OpenVZ does: /sys is there but you cannot use it to influence the host 
(because it was designed from ground up to be secure).

> > > * how to execute a command in a running VM?  lxc-execute complains that the
> > Lack of something like VE_ENTER also makes it unsuitable for me.
> ssh works.
Not for my use case, I wrote a pam_vz module which removes the need to 
have sshd, ftpd and cron in guests.

-- 
ciao,
Marco

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Linux 3.2 in wheezy
  - From: Adam Borowski <kilobyte@angband.pl>

References:
- Re: Linux 3.2 in wheezy
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Re: bits from the DPL for January 2012
Next by Date: Bug#658620: ITP: ion -- NASA implementation of Delay-Tolerant Networking (DTN)
Previous by thread: Re: Linux 3.2 in wheezy
Next by thread: Re: Linux 3.2 in wheezy
Index(es):
- Date
- Thread