[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Introducing bubblewrap

From: Colin Walters <walters verbum org>
To: atomic-devel projectatomic io
Subject: Re: [atomic-devel] Introducing bubblewrap
Date: Mon, 09 May 2016 13:38:25 -0400

On Fri, May 6, 2016, at 04:51 PM, Muayyad AlSadi wrote:

What I'm considering is not a complex daemon/service that create the container but just create veth pair.
Unc proof of concept uses two separated binaries unc that creates container and unet which is the setuid that configure it's network

It'd likely be interesting for bubblewrap to support some mechanism for passing in an externally-configured network namespace. I can see various use cases for that.

Concretely, one might want to disallow access to the active VPN tunnel, or use a packet filter.

I filed https://github.com/projectatomic/bubblewrap/issues/61

References:
- [atomic-devel] Introducing bubblewrap
  - From: Colin Walters
- Re: [atomic-devel] Introducing bubblewrap
  - From: Josh Berkus
- Re: [atomic-devel] Introducing bubblewrap
  - From: Daniel J Walsh
- Re: [atomic-devel] Introducing bubblewrap
  - From: Karanbir Singh
- Re: [atomic-devel] Introducing bubblewrap
  - From: Muayyad AlSadi
- Re: [atomic-devel] Introducing bubblewrap
  - From: Daniel J Walsh
- Re: [atomic-devel] Introducing bubblewrap
  - From: Muayyad AlSadi
- Re: [atomic-devel] Introducing bubblewrap
  - From: Daniel J Walsh
- Re: [atomic-devel] Introducing bubblewrap
  - From: Muayyad AlSadi

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]