Re: How secure is vserver?

On Sun, May 31, 2009 at 8:56 PM, Sthu Deus <sthu.deus@...> wrote:
> as what are the requirements. Can You explain its isolation level? Say, If I
> place there a server, and one day it will be hacked so that the criminal gets
> full control of the guest OS, - will it protect the host OS?

Linux vserver shares the kernel between the various virtual hosts, a
little like BSD jails. There are restrictions on what one can do: not
even root can modify network interfaces or even create a node (using
mknod) or mount a filesystem, so breaking out of the virtualhost is
pretty hard. No guarantees, but to answer your question, yes, it does
protect the host OS.


--
To UNSUBSCRIBE, email to debian-security-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...