unnecessary /proc requirement in 3.1.1
L. A. Walsh
rsync at tlinx.org
Thu Aug 20 04:09:43 UTC 2015
Fyodorov "Bga" Alexander wrote:
> Hi. Thanks for good program.
> Whole /proc is serious security
> risk for me. Why?
You could run rsync in a separate namespace (container)
and only mount /proc in the new namespace -- other users wouldn't
Bunch of tools 'lxc-xxxxx'
URL : http://linuxcontainers.org/
Summary : Userspace tools for the Linux kernel containers
It provides commands to create and manage containers. It contains a
full featured container with the isolation/virtualization of the pids,
the ipc, the utsname, the mount points, /proc, /sys, the network and it
takes into account the control groups. It is very light, flexible, and
provides a set of tools around the container like the monitoring with
asynchronous events notification, or the freeze of the container. This
package is useful to create Virtual Private Server, or to run isolated
applications like bash or sshd.
More information about the rsync