From: Sapan Bhatia Date: Tue, 24 Apr 2012 06:53:14 +0000 (-0400) Subject: ADded a readme X-Git-Tag: procprotect-0.1-1~2 X-Git-Url: http://git.onelab.eu/?p=procprotect.git;a=commitdiff_plain;h=0004035d5f716de72de7a6354153081c1146a956 ADded a readme --- diff --git a/README b/README index e69de29..ce04a54 100644 --- a/README +++ b/README @@ -0,0 +1,7 @@ +This module enables you to protect entries in /proc from untrusted users running in LXC containers. To use it: +- Load the module +- Add /proc entries to the blacklist by running echo "path-to-proc-entry" > /proc/procprotect + +Caveats and todos: +- Only protects opens, not listings +- The ACL mechanism is currently very simple. Permission is denied to containers that have a non-root mount namespace. This will eventually be extended to cgroup-style ACLs.
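Review bot: The usage step in the new README, `echo "path-to-proc-entry" > /proc/procprotect`, does not say what form the path takes (a full /proc/... path or one relative to /proc), whether each write adds a single entry, or how the blacklist is read back or an entry removed. Please add one concrete line for each of these, and name the module in "Load the module", so an administrator can confirm that an entry was actually registered. In the caveats, "Only protects opens, not listings" should state the consequence: a blacklisted entry stays visible in directory listings inside the container, so only its contents are withheld. The ACL caveat says permission is denied to containers with a non-root mount namespace; it would help to say explicitly that the decision depends on the mount namespace alone, and whether that means processes in the root mount namespace are never restricted, because that defines what the module does and does not protect against until the cgroup-style ACLs exist.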