Explore a conference talk on extending user namespaces to allow host-isolated UID/GID usage in Linux systems. Delve into the ongoing discussion initiated by Stéphane Graber and Christian Brauner, as Aleksandr Mikhalitsyn and Stéphane Graber present new findings and address challenges with the Linux kernel community. Examine key topics such as the extension of kuid_t/kgid_t to 64-bit width and the VFS permission model for unmapped UID/GIDs. Gain insights into the potential improvements for user namespace allocation and isolation in Linux environments.
User Namespaces with Host-Isolated UIDs/GIDs - Linux Kernel Extension
Linux Plumbers Conference via YouTube
Overview
Syllabus
User namespaces with host-isolated UIDs/GIDs - Aleksandr Mikhalitsyn, Stéphane Graber
Taught by
Linux Plumbers Conference
Related Courses
-
Isolated User Namespaces and Cgroupfs
-
State of the User Namespace - Privileged Containers and Security Implications
-
What's New in the User Namespace - Recent Developments and Future Outlook
-
Syscall Supervision in User Namespaces and Unprivileged Containers
-
Container Kernel Development
-
Linux Namespaces for Fun and Isolation - NDC Security 2024
