Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 8 Sep 2011 19:26:47 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: /tmp fs type

Elia,

On Thu, Sep 08, 2011 at 15:56 +0200, yersinia wrote:
> On Wed, Sep 7, 2011 at 11:36 AM, Solar Designer <solar@...nwall.com> wrote:
> > Openwall support pam_namespace already (
> http://www.coker.com.au/selinux/talks/sage-2006/PolyInstantiatedDirectories.html)
> ? It is not only for selinux system. Just for curiosity.

We don't.  Is it useful for legacy /tmp/ issue only?  We deal with it
with pam_mktemp:

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/pam_mktemp/pam_mktemp/README?rev=1.2;content-type=text%2Fplain

It is simpler than using separate namespaces and it doesn't rely
on any special kernel code.


Thanks,

-- 
Vasiliy

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ