[Devel] RE: Building a SECURE cointainer using Cgroups ?
Tanaka, Thomas
thomas.tanaka at intel.com
Mon Oct 13 11:01:48 PDT 2008
Yes absolutely that is what I am trying to achieve.
> Is it possible to build a secure container by using cgroups? My goal
> is to achieve a file system namespace container that will limit the
> file system view given to a process similar to chroot does but of
> course has to be secure.
You'll have to be a bit more specific than that. Do you want to make
absolutely sure that certain containers have absolutely no access to
certain fs namespaces?
-- Dave
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list