Many of today's computing systems include computing resources that are not fully utilized. The owners of these systems often could benefit by increasing the utilization of these systems' computing resources.
A number of approaches could be adopted in order to increase utilization. Under a “consolidation” approach, the processes and data of multiple parties might be co-located on a single hardware unit in order to more fully utilize the resources of the hardware unit. Under the consolidation approach, multiple parties might share a single hardware unit's resources, including file systems, network connections, and memory structures. For example, multiple businesses might have separate websites that are hosted by the same server.
However, some of the parties might not know or trust each other. In some cases, some of the parties actually might be competitors with others of the parties. Under such circumstances, each party would want to ensure that its processes and data were shielded, or isolated, from access by other parties and those other parties' processes.
Mechanisms that would isolate one party's processes and data from other parties sharing the same hardware unit have been proposed. For example, a “jail” mechanism provides the ability to partition an operating system environment into a “non-jailed” environment and one or more “jailed” environments. The jail mechanism allows users, processes, and data to be associated with a jailed environment. For example, one group of users, processes, and data may be associated with one jailed environment, and another group of users, processes, and data may be associated with another jailed environment. The jail mechanism restricts users and processes that are associated with a particular jailed environment from accessing processes and data that are associated with environments (both jailed and non-jailed) other than the particular jailed environment.
Some operating system environments provide a system logging mechanism that permits processes to send, to a designated message stream, messages designated as “log messages.” A designated process may read the log messages from the designated message stream and write the log messages to a log file. A user may view the log file in order to diagnose problems occurring within the operating system environment. Processes also may read the log messages from the designated message stream.
As discussed above, an operating system environment may be partitioned into a non-jailed environment and one or more jailed environments. When an operating system environment is so partitioned, the designated message stream, the designated process, and the log file remain associated with the non-jailed environment. As a result, when a process that is associated with a particular jailed environment sends a log message, the log message is sent to the designated message stream in the non-jailed environment. Unfortunately, other processes that are associated with the particular jailed environment are unable to read from the designated message stream, because the designated message stream is not associated with the particular jailed environment. Additionally, users that are associated with the particular jailed environment are unable to view the log file because the log file is not associated with the particular jailed environment.