Hi,
There are a really nasty bug in linux kernel that will allow a normal
user kill the entire box, including vserver hosts. I'm thinking we maybe
should go back to using the vserver+grsec patch for the alpine-vserver
iso.
We would disable some of the (redundant?) chroot restrictions, or maybe
all, by default so the vserver guests would work as expected.
Currently, its pretty nice to have a non grsecurity kernel for
reference. We would probably need a vanilla kernel in addition.
What do you think?
-nc
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---