Linked Questions
11 questions linked to/from kernel: Namespaces support
25 votes, 3 answers, 20k views
per process private file system mount points
I was checking unshare command and according to its man page,
unshare - run program with some namespaces unshared from parent
I also see there is a type of namespace listed as,
mount namespace
...
20 votes, 1 answer, 16k views
What's the purpose of the /proc/pid/mountinfo file?
What's the purpose of the /proc/pid/mountinfo file (with pid being numerical process id)?
As far as I can see it reflects contents of the /proc/mounts file but with added information.
Also the file ...
23 votes, 3 answers, 15k views
Myth or reality: SELinux can confine the root user?
I read or heard somewhere (maybe in LinuxCBT's SELinux course; but I'm not sure) that there are online Linux servers, for which the password of the root user is also given. The Linux server is ...
3 votes, 3 answers, 34k views
What is required by a process to set its uid to 0 (root)?
I am completely new to *NIX based OSes. One of the things that baffles me is that a process or program may execute setuid(0) and then perform privileged operations and revert back to its normal uid.
...
7 votes, 4 answers, 5k views
Can LXC be used to jail instances of an installed browser?
Is it possible to use LXC on a desktop system to confine browsers and other pieces of software that have in the past been shown to be prone to certain kinds of exploits? So what I want to achieve is ...
6 votes, 2 answers, 5k views
Hook action on process creation
Is it possible to hook a script execution on each process creation?
Essentially the equivalent of inotifywait to monitor disk activity but applied to the process table.
It would be to allow to do an ...
4 votes, 1 answer, 3k views
Linux Permissions UID 0 vs Ring 0
I am studying for a Computer Security exam, and I am struggling to understand the following sample question.
'Explain the difference between running in ring 0 on x86 and running as UID 0 in Linux. ...
4 votes, 3 answers, 417 views
Disallow File IO for a process except for FIFOs
How do you start a process that cannot do any file IO (opening / closing files, creating / deleting files, reading / writing files, etc.), except to read and write to pre-created FIFOs?
(chroot will ...
6 votes, 1 answer, 943 views
PID in arch-chroot is incorrect
I am trying to run a Python script in a chroot (specifically, the chroot is created with arch-chroot). The Python script relies on os.getpid(), but this seems to be returning an incorrect PID within ...
2 votes, 1 answer, 853 views
What is the history of /etc/mtab and what updated it?
I updated an old Linux boot disk with new utilities and shared libraries. It still had an empty /etc/mtab to start with; on the old disk the /etc/mtab was updated, on the new one /etc/mtab stayed ...
0 votes, 1 answer, 170 views
Are there some Unix or Unix-like operating systems that still treat the "root" user as the superuser?
Linux does not treat the "root" user as the superuser anymore, but rather Linux uses capabilities which give a process privileges (I think BSD does a similar thing).
So for example in older Linux ...