Re: [PATCH -mm 5/7] add user namespace

From: Kirill Korotaev
Date: Wed Jul 12 2006 - 07:13:57 EST


Another example of not so evident coupling here:
user structure maintains number of processes/opened files/sigpending/locked_shm
etc.
if a single user can belong to different proccess/ipc/... namespaces
all these becomes unusable.


Why do the count of the number of objects a user has become
unusable if they can count objects in multiple namespaces?

Namespaces are about how names are looked up and how names are
created. Namespaces are not about the objects those names refer to.

One example below, which I believe is a bug due to coupling.
Will be glad to hear your opinion on this.

Let user u to unshare its process namespace and run e.g. httpd inside newly created 2nd process namespace.
Now imagine that user u hits his process rlimit.
He can't kill his httpd's because they are in another process namespace. He can kill visible to his bash processes from
1st process namespace, but httpd can spawn childs more after that. So we end up with the situation
when user u can't control his processes, nor run any other processes in his bash.

I'm fine with such situations, since we need containers mostly, but what makes me
really afraid is that it introduces hard to find/fix/maintain issues. I have no any other concerns.

Thanks,
Kirill

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/