From owner-freebsd-hackers@FreeBSD.ORG  Fri Aug 27 15:18:52 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6097616A4CE
	for <hackers@freebsd.org>; Fri, 27 Aug 2004 15:18:52 +0000 (GMT)
Received: from plab.ku.dk (plab.ku.dk [130.225.107.20])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2190E43D48
	for <hackers@freebsd.org>; Fri, 27 Aug 2004 15:18:52 +0000 (GMT)
	(envelope-from dk@plab.ku.dk)
Received: from plab.ku.dk (localhost [127.0.0.1])
	by plab.ku.dk (Postfix) with SMTP id 033CD5253D
	for <hackers@freebsd.org>; Fri, 27 Aug 2004 17:18:51 +0200 (CEST)
Received: by plab.ku.dk (Postfix, from userid 1003)
	id 714175253B; Fri, 27 Aug 2004 17:18:50 +0200 (CEST)
Mime-version: 1.0
Content-type: text/plain; charset="koi8-r"
Content-transfer-encoding: 8bit
Keywords: 2001334874
X-Comment-To: Ted Unangst
Sender: dk@plab.ku.dk
To: hackers@freebsd.org
From: Dmitry Karasik <dmitry@karasik.eu.org>
Date: 27 Aug 2004 17:18:50 +0200
In-Reply-To: Ted Unangst's message of "Mon, 23 Aug 2004 10:12:42 -0700"
Message-ID: <84zn4g7go5.fsf_-_@plab.ku.dk>
Lines: 22
X-Mailer: Gnus v5.7/Emacs 20.7
Subject: shared memory in jails
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Aug 2004 15:18:52 -0000


Hi hackers,

I've been playing with shared memory in jails, and very soon found
out that one jail's segments are visible (didn't check the accesibility
thoroughly) in another, which IMO is against the very idea of the jail.
( The exact problem is that postgresqls, when run in jails, try to use same
set of IPC keys and (expectedly) fail ).

I'm not really sure if the issue was already discussed, but even if it
wasn't, I wonder if anything can be done to fix the problem. I think I 
am myself able to hack sys/kern/sysv_shm.c and around, but what I do not know
is the extent of the area that should be affected by the proper solution.

Do you have any ideas or comments on this?

-- 
Sincerely,
	Dmitry

--- www.karasik.eu.org ---