TOMOYO

Fork

[tomoyo-users-en 713] tomoyo with docker

• Previous message (by thread): [tomoyo-users-en 712] TOMOYO Linux 1.8.6 / AKARI 1.0.39 / CaitSith 0.2.4 released.
• Next message (by thread): [tomoyo-users-en 714] Re: tomoyo with docker
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,
  Can tomoyo play nicely with container technologies like docker?

In other words is it possible to deploy a tomoyo policy that only applies
to a specific container?
This would mean that a process in the container may for example issue an
open("/etc/x.conf", ...), in its own mount namespace, and I want to allow
that open only in that container, but not for instance in the host (where
"/etc/x.conf" is a different file, if it exists), or in other containers
running on the same host.

Thanks,
  Vincenzo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.osdn.me/mailman/archives/tomoyo-users-en/attachments/20190826/7532c1a5/attachment.html>

• Previous message (by thread): [tomoyo-users-en 712] TOMOYO Linux 1.8.6 / AKARI 1.0.39 / CaitSith 0.2.4 released.
• Next message (by thread): [tomoyo-users-en 714] Re: tomoyo with docker
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]