[Devel] Re: [patch 0/1][NETNS49] Make af_unix autobind per namespace

Cedric Le Goater clg at fr.ibm.com
Wed Oct 3 06:11:44 PDT 2007


Denis V. Lunev wrote:
> Daniel Lezcano wrote:
>> Eric W. Biederman wrote:
>>> Daniel Lezcano <dlezcano at fr.ibm.com> writes:
>>>
>>>> The following patch changes the autobind function to use the ordernum
>>>> from the network namespace instead of using the local static variable.
>>> Why do we care?
>>> Information leak?
>>> Some application is expecting a predictable autobind value?
>>>
>>> Just skimming the code it looks like it will work correctly without
>>> this.
>> I think my summary is ... too short :)
>>
>> I don't see any applications taking care of this. If they ask for an
>> abstract socket, then they don't care about the bind result. So
>> probably, the patchset is totally useless.
>>
>> But from the POV of the checkpoint/restart, we should check if this
>> value is somewhere visible from userspace and so storable by an
>> application.
> 
> we do not care about this in checkpointing. One namespace's socket does not
> see another namespace's socket

my 2 cents,

when 'restarting' a socket bound to an abstract name, we will have
an EADDRINUSE if we try to rebind it to an abstract name which is
already in use by a socket in another namespace?

it seems to me that this is an identifier and like any identifier
it should be private to the namespace, which probably means having
unix_abstract_socket_table[] per net namespace.

Cheers,

C. 
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
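
Added example (not part of the original message or of the patch under discussion): a userspace sketch of the collision asked about above, run inside a single network namespace, showing that an abstract name held by one socket makes a rebind to the saved name fail with EADDRINUSE. The function names are hypothetical; it assumes Linux, where binding an AF_UNIX socket with an empty address triggers autobind.

```python
import errno
import socket


def autobind():
    """Bind with an empty address so the kernel picks an abstract name."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    s.bind("")                 # address length == sizeof(sa_family_t): autobind
    return s, s.getsockname()  # bytes: NUL byte followed by the chosen name


def rebind_errno(name):
    """Bind a fresh socket to `name`; return 0 on success, else the errno."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        s.bind(name)
        return 0
    except OSError as e:
        return e.errno
    finally:
        s.close()


def demo():
    # Two autobound sockets sharing one abstract-name table.
    a, name_a = autobind()
    b, name_b = autobind()

    # "Restart" case: name_a was recorded at checkpoint time, but another
    # socket visible in the same table still owns it.
    while_held = rebind_errno(name_a)

    # Once the owner is gone the name is free again, which is what a
    # per-namespace table would give a restarted container by construction.
    a.close()
    after_close = rebind_errno(name_a)

    b.close()
    return name_a, name_b, while_held, after_close


if __name__ == "__main__":
    name_a, name_b, while_held, after_close = demo()
    print("autobind names:", name_a, name_b)
    print("rebind while held:", errno.errorcode.get(while_held, while_held))
    print("rebind after close:", after_close)
```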



