blob: 8ad13863652120d8adaad5207918f8a1408c5562 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
% Registration Glen or Glenda: Empowering Users and
% Applications with Private Namespaces
% Eric Van Hensbergen (bergevan@us.ibm.com)
Private namespaces were first introduced into
Linux during the 2.4 kernel series. Their use
has been limited due to namespace manipulation
being considered a privileged operation.
Giving users and applications the ability to
create private namespaces as well as the
ability to mount and bind resources is the key
to unlocking the full potential of this
technology. There are serious performance,
security and stability issues involved with
user-controlled dynamic private namespaces in
Linux. This paper will propose a mechanism for
maintaining system integrity while unlocking
the power of dynamic namespaces for normal
users. It will go on to discuss relevant
potential applications of this technology
including its use with FUSE (Filesystem in
Userspace), v9fs (the Linux port of the Plan 9
resource sharing protocol) and Plan 9 from
User Space (the Plan 9 application suite
including userspace synthetic file servers
ported to UNIX variants).
|
