| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- Namespaces compatibility list
- This document contains the information about the problems user
- may have when creating tasks living in different namespaces.
- Here's the summary. This matrix shows the known problems, that
- occur when tasks share some namespace (the columns) while living
- in different other namespaces (the rows):
- UTS IPC VFS PID User Net
- UTS X
- IPC X 1
- VFS X
- PID 1 1 X
- User 2 2 X
- Net X
- 1. Both the IPC and the PID namespaces provide IDs to address
- object inside the kernel. E.g. semaphore with IPCID or
- process group with pid.
- In both cases, tasks shouldn't try exposing this ID to some
- other task living in a different namespace via a shared filesystem
- or IPC shmem/message. The fact is that this ID is only valid
- within the namespace it was obtained in and may refer to some
- other object in another namespace.
- 2. Intentionally, two equal user IDs in different user namespaces
- should not be equal from the VFS point of view. In other
- words, user 10 in one user namespace shouldn't have the same
- access permissions to files, belonging to user 10 in another
- namespace.
- The same is true for the IPC namespaces being shared - two users
- from different user namespaces should not access the same IPC objects
- even having equal UIDs.
- But currently this is not so.
|
