-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bastian Blank <[EMAIL PROTECTED]> writes:
> On Tue, Aug 23, 2005 at 05:04:57PM +0100, Roger Leigh wrote: >> Not a kernel feature, but see >> http://packages.debian.org/unstable/admin/schroot > > Does not help, each chroot needs to be setup by root and you need root > priviledges to install packages in it. You can give root privs to users just inside the chroot. That's what root_groups is for in the config file. The user doesn't need full root access to the host system (like with plain sbuild, which requires full sudo privs), though obviously it's still possible to subvert, but not as simple as with sudo. Either way, not something for untrusted users to have access to, but schroot does at least give you a bit more safety. Once it has Xen capability, it will give each user their own personal Xen instance. This will be created on the fly from e.g. an LVM snapshot or unionfs, but this can be configurable. Regards, Roger - -- Roger Leigh Printing on GNU/Linux? http://gimp-print.sourceforge.net/ Debian GNU/Linux http://www.debian.org/ GPG Public Key: 0x25BFB848. Please sign and encrypt your mail. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/> iD8DBQFDC4NYVcFcaSW/uEgRAnSAAKCKdscIjxyrTl3cOVOEPX/BdI7GlACgg5xo pYpCULVsUC42xO0rOqcYmA0= =ObRb -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
