Re: Jailed sysvipc implementation.
From: Dmitry Sivachenko (demon_at_freebsd.org)
Date: 06/25/03
- Previous message: Pawel Jakub Dawidek: "Re: Jailed sysvipc implementation."
- In reply to: Pawel Jakub Dawidek: "Jailed sysvipc implementation."
- Next in thread: Pawel Jakub Dawidek: "Re: Jailed sysvipc implementation."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Jun 2003 17:51:06 +0400 To: Pawel Jakub Dawidek <nick@garage.freebsd.pl>
On Tue, Jun 24, 2003 at 06:46:02PM +0200, Pawel Jakub Dawidek wrote:
> Hello.
>
> Some time ago I've implemented private memory zones for IPC mechism.
> Every jail and main host got its own memory for IPC operations.
> It was implemented for FreeBSD 4.x. Avaliable at:
>
> http://garage.freebsd.pl/privipc.tbz
> http://garage.freebsd.pl/privipc.README
I think it would be better to add checks to disallow the use of IPC
primitives created in one jail from another.
Thus we will avoid allocating separate segments of kernel memory for
each jail.
It could be trivially achieved by adding another field to struct ipc_perm,
but Robert Watson said he knows another way of doing this without
breaking ABI (if I understood him right).
- application/pgp-signature attachment: stored
- Previous message: Pawel Jakub Dawidek: "Re: Jailed sysvipc implementation."
- In reply to: Pawel Jakub Dawidek: "Jailed sysvipc implementation."
- Next in thread: Pawel Jakub Dawidek: "Re: Jailed sysvipc implementation."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|