Björn König wrote: > Hello, > > unprivileged users of the host environment can see jailed processes with > the same user ID. Furthermore they are able to send signals to these > processes. I think since users are not allowed to imprison processes > there is no reason why they should see them or even kill them. From the hosts point of view a jail is like a user and all processes in that jail are of that user. If you have normal users on the host and have jails under the same user id then, yea, tough luck. You're not supposed to do that. The purpose of jail is to protect the host from what is running in the jail, not the other way around. -- AndreReceived on Mon Feb 06 2006 - 12:04:12 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:52 UTC