[Devel] RE: Building a SECURE cointainer using Cgroups ?
Tanaka, Thomas
thomas.tanaka at intel.com
Mon Oct 13 14:13:40 PDT 2008
I should have said filesystem namespace isolation. For example, isolating a process from accessing proc, sys, such that it is only able to access a predefined list of directory.
Quoting Tanaka, Thomas (thomas.tanaka at intel.com):
> Thanks for the quick reply.
> Just out of curiosity, Is it possible to develop a cgroup subsystem that just does the filesystem isolation?
Exactly what filesystem isolation?
-serge
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list