[nycbug-talk] Jail Performance

Isaac Levy ike
Wed Jan 5 10:48:02 EST 2005

On Jan 5, 2005, at 10:40 AM, Bob Ippolito wrote:

> If each daemon is running in a separate jail, then the security is 
> that there is no way (assuming the kernel is not buggy, which you 
> don't)

Right on the mark, stated simpler than my rant.  If one has kernel 
issues, then one has way more serious issues to worry about...

Question for Sunny:

- What happens if a UML instance has a buggy/exploitable kernel?  How 
or is it contained?  I'm just curious...


More information about the talk mailing list