Re: Building and running Hurd in a subhurd/chroot?

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building and running Hurd in a subhurd/chroot?

From:	Justus Winter
Subject:	Re: Building and running Hurd in a subhurd/chroot?
Date:	Thu, 03 Jul 2014 10:18:47 +0200
User-agent:	alot/0.3.4

Quoting Samuel Thibault (2014-07-02 23:19:17)
> Svante Signell, le Wed 02 Jul 2014 23:13:34 +0200, a écrit :
> > - Run in a subhurd or chroot, which is best?
> 
> It depends which isolation you want. Subhurd is almost complete
> isolation. Chroots share the proc, auth etc. servers.

This only holds for rather tiny values of complete isolation.  Our
proc server is not subhurd-aware, a sufficiently privileged user
inside the subhurd can manipulate processes outside the subhurd
environment.

If you use subhurds, you must not use sysvinit to shut down the
subhurd.  Doing so will bring down your system, as killall5 will kill
vital system servers.

Justus

[Prev in Thread]

Current Thread

[Next in Thread]

Building and running Hurd in a subhurd/chroot?, Svante Signell, 2014/07/02
- Re: Building and running Hurd in a subhurd/chroot?, Samuel Thibault, 2014/07/02
  - Re: Building and running Hurd in a subhurd/chroot?, Justus Winter <=

Prev by Date: Re: GSOC - valgrind-hurd queries
Next by Date: Re: nscd fails to build
Previous by thread: Re: Building and running Hurd in a subhurd/chroot?
Next by thread: Re: GSOC - valgrind-hurd queries
Index(es):
- Date
- Thread