Socket mezi dvema jaily

Dan Lukes dan at obluda.cz
Wed Sep 30 09:20:23 CEST 2009

Previous message: Socket mezi dvema jaily
Next message: Socket mezi dvema jaily
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jen pro doplneni:

  ---------------------
Processes within the jail will find that they are unable to interact or 
even verify the existence of processes outside the jail -- processes 
within the jail are prevented from delivering signals to processes 
outside the jail, as well as connecting to those processes with 
debuggers, or even see them in the sysctl or process file system 
monitoring mechanisms. Jail does not prevent, nor is it intended to 
prevent, the use of covert channels or communications mechanisms via 
accepted interfaces -- for example, two processes may communicate via 
sockets over the IP network interface. Nor does it attempt to provide 
scheduling services based on the partition; however, it does prevent 
calls that interfere with normal process operation.
  ---------------------
Kirk McKusick, ;login: The USENIX Magazine, 2004, Volume 29, Number 4
http://www.usenix.org/publications/login/2004-08/pdfs/mckusick.pdf


Takze zalezi, jestli IPC je nebo ma byt "accepted interface" ...


						Dan

Previous message: Socket mezi dvema jaily
Next message: Socket mezi dvema jaily
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list