[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Building and running Hurd in a subhurd/chroot?

Quoting Samuel Thibault (2014-07-02 23:19:17)
> Svante Signell, le Wed 02 Jul 2014 23:13:34 +0200, a écrit :
> > - Run in a subhurd or chroot, which is best?
> It depends which isolation you want. Subhurd is almost complete
> isolation. Chroots share the proc, auth etc. servers.

This only holds for rather tiny values of complete isolation.  Our
proc server is not subhurd-aware, a sufficiently privileged user
inside the subhurd can manipulate processes outside the subhurd

If you use subhurds, you must not use sysvinit to shut down the
subhurd.  Doing so will bring down your system, as killall5 will kill
vital system servers.


Reply to: