[Devel] Re: [RFC] network namespaces
Dmitry Mishin
dim at openvz.org
Sat Sep 9 00:57:24 PDT 2006
On Friday 08 September 2006 22:11, Herbert Poetzl wrote:
> actually the light-weight ip isolation runs perfectly
> fine _without_ CAP_NET_ADMIN, as you do not want the
> guest to be able to mess with the 'configured' ips at
> all (not to speak of interfaces here)
It was only an example. I'm thinking about how to implement flexible solution,
which permits light-weight ip isolation as well as full-fledged netwrok
virtualization. Another solution is to split CONFIG_NET_NAMESPACE. Is it good
for you?
--
Thanks,
Dmitry.
More information about the Devel
mailing list