From: Jacques Gelinas (jack_at_solucorp.qc.ca)
Date: Tue Oct 23 2001 - 21:09:41 EDT
On Tue, 23 Oct 2001 16:56:38 -0500, Chris Wright wrote
> * Jacques Gelinas (jack_at_solucorp.qc.ca) wrote:
> > > I really would like to move vserver into production soon,
> > > since it seems ready ... but this cannot be done if the
> > > interface to userspace conflicts with other code...
> >
> > I have to review the LSM. I tough it was related to the NSA thing and
> > as such was introducing much changes to the kernel (or many little things
> > here and there)
>
> i've started looking at making a vserver LSM module. it looks like it
> won't be too tough, and i think vserver might get some new protection.
> one obvious change would be the syscall method, as LSM creates a
> sys_security syscall that is a multiplexor much like the sys_socketcall.
>
> are people interested in this?
When I started the vserver project, I was trying to fix a little problem. Few
weeks later, this is changing everything, from the way we install firewalls
to the way developpers work.
If we can keep the simplicity and add functionality, this is cool. I am downloading
the latest LSM now....
---------------------------------------------------------
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc
This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:00 EDT