[Devel] Re: Building a SECURE cointainer using Cgroups ?
Dave Hansen
dave at linux.vnet.ibm.com
Mon Oct 13 10:54:56 PDT 2008
On Mon, 2008-10-13 at 10:03 -0700, Tanaka, Thomas wrote:
> Is it possible to build a secure container by using cgroups? My goal
> is to achieve a file system namespace container that will limit the
> file system view given to a process similar to chroot does but of
> course has to be secure.
You'll have to be a bit more specific than that. Do you want to make
absolutely sure that certain containers have absolutely no access to
certain fs namespaces?
-- Dave
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list