[nycbug-talk] Jail Performance

[Isaac Levy]

On Jan 5, 2005, at 10:40 AM, Bob Ippolito wrote:

> If each daemon is running in a separate jail, then the security is 
> that there is no way (assuming the kernel is not buggy, which you 
> don't)

Right on the mark, stated simpler than my rant.  If one has kernel 
issues, then one has way more serious issues to worry about...

Question for Sunny:

- What happens if a UML instance has a buggy/exploitable kernel?  How 
or is it contained?  I'm just curious...

Rocket-
.ike