[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Introducing bubblewrap



 
 
 
On Fri, May 6, 2016, at 04:51 PM, Muayyad AlSadi wrote:

What I'm considering is not a complex daemon/service that create the container but just create veth pair.

Unc proof of concept uses two separated binaries unc that creates container and unet which is the setuid that configure it's network

 
It'd likely be interesting for bubblewrap to support some mechanism for passing in an externally-configured network namespace.  I can see various use cases for that.
 
Concretely, one might want to disallow access to the active VPN tunnel, or use a packet filter.
 
I filed https://github.com/projectatomic/bubblewrap/issues/61
 

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]