This is the
talk page for discussing improvements to the
LXC article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google ( books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
![]() | This article is rated C-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||
|
Most unices support a mechanism to 'pass' a file descriptor through a socket. ( http://archives.neohapsis.com/archives/postfix/2000-09/1476.html) For example, you might have a virus scanning daemon running as an unpriviledge user, and then to scan a file, a client can pass an open file descriptor over the socket to the virus scanning daemon. The scanning daemon can then read that file to search for viruses, even though it is running under a user that normally cannot access the file.
Does LXC allow file descriptor passing of this type between security contexts?
PS- I've asked the same question about Talk:LXC, Talk:Linux-VServer and Talk:OpenVZ 128.112.139.195 ( talk) 20:42, 11 November 2012 (UTC)
As far as I can see, passing file descriptors through Unix sockets works between namespaces, just as Unix sockets can be used between namespaces if their associated files are accessible. Have a look at this explanation and net/unix/af_unix.c for Unix sockets and namespaces in general, and net/core/scm.c and its scm_fp_copy() for actual handling of SCM_RIGHTS. No namespaces-related checks are there, as far as I can see.
So, how do we improve an article with this kind of info? Who comes to Wikipedia to read about such details? :) — Dsimic ( talk | contribs) 04:16, 11 April 2014 (UTC)
Is this issue still present? Some information would be good, as the weblink does not present this information. -- 89.0.184.138 ( talk) 17:02, 19 January 2013 (UTC)
The result of the move request was: already closed; no consensus for the proposed title, as per the discussion below. Dekimasu よ! 00:51, 12 October 2014 (UTC)
LXC (LinuX Containers) → Linux containers – To me, there's little sense in having both an acronym and full name as a title. Maybe "LXC (software)" could be another option for the article title. — Dsimic ( talk | contribs) 17:35, 25 September 2014 (UTC)
Add Stéphane Graber's blog posts about LXC to this wiki page
I think all working Linux container technologies which are in use deserve to be present on Wikipedia. Unless someone has strong arguments for the contrary, I believe this article should be un-tagged as non-notable. -- Arny ( talk) 17:55, 29 November 2017 (UTC)
Although the LXC name derives from Linux Container and may be the first project using the word container in the context, using Linux containers nowadays doesn't necessarily imply using LXC. I'm not entirely sure how to make this difference clearer, but the way this article starts looks a little misleading to me. Glemco ( talk) 09:33, 24 January 2023 (UTC)
This is the
talk page for discussing improvements to the
LXC article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google ( books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
![]() | This article is rated C-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||
|
Most unices support a mechanism to 'pass' a file descriptor through a socket. ( http://archives.neohapsis.com/archives/postfix/2000-09/1476.html) For example, you might have a virus scanning daemon running as an unpriviledge user, and then to scan a file, a client can pass an open file descriptor over the socket to the virus scanning daemon. The scanning daemon can then read that file to search for viruses, even though it is running under a user that normally cannot access the file.
Does LXC allow file descriptor passing of this type between security contexts?
PS- I've asked the same question about Talk:LXC, Talk:Linux-VServer and Talk:OpenVZ 128.112.139.195 ( talk) 20:42, 11 November 2012 (UTC)
As far as I can see, passing file descriptors through Unix sockets works between namespaces, just as Unix sockets can be used between namespaces if their associated files are accessible. Have a look at this explanation and net/unix/af_unix.c for Unix sockets and namespaces in general, and net/core/scm.c and its scm_fp_copy() for actual handling of SCM_RIGHTS. No namespaces-related checks are there, as far as I can see.
So, how do we improve an article with this kind of info? Who comes to Wikipedia to read about such details? :) — Dsimic ( talk | contribs) 04:16, 11 April 2014 (UTC)
Is this issue still present? Some information would be good, as the weblink does not present this information. -- 89.0.184.138 ( talk) 17:02, 19 January 2013 (UTC)
The result of the move request was: already closed; no consensus for the proposed title, as per the discussion below. Dekimasu よ! 00:51, 12 October 2014 (UTC)
LXC (LinuX Containers) → Linux containers – To me, there's little sense in having both an acronym and full name as a title. Maybe "LXC (software)" could be another option for the article title. — Dsimic ( talk | contribs) 17:35, 25 September 2014 (UTC)
Add Stéphane Graber's blog posts about LXC to this wiki page
I think all working Linux container technologies which are in use deserve to be present on Wikipedia. Unless someone has strong arguments for the contrary, I believe this article should be un-tagged as non-notable. -- Arny ( talk) 17:55, 29 November 2017 (UTC)
Although the LXC name derives from Linux Container and may be the first project using the word container in the context, using Linux containers nowadays doesn't necessarily imply using LXC. I'm not entirely sure how to make this difference clearer, but the way this article starts looks a little misleading to me. Glemco ( talk) 09:33, 24 January 2023 (UTC)