Linux namespaces are used to isolate processes from each other.
They ensure that processes within a container have their own separate view of certain system resources, enhancing security and isolation.
PID Namespaces: These create completely separate and independent PID numbering spaces. Inside a container, processes start with PID 1, and the container operates within its own isolated view of process IDs. This isolation prevents a container from directly interacting with processes outside its namespace, even if they appear to have the same PID when viewed from their respective namespaces. The kernel manages these namespaces separately, ensuring that signals and other process interactions are confined within the appropriate namespace.
*****
Network Namespaces: These isolate the network interfaces, routing tables, and firewall rules. They prevent network conflicts between containers and the host, but they don't directly prevent a container from terminating a host process.
User Namespaces: These isolate user and group IDs. While they enhance security by allowing containers to run as non-root users on the host, they don't directly prevent a container from sending signals to a host process if the container manages to obtain the correct host PID.
Mount Namespaces: These isolate the filesystem mount points. They provide each container with its own view of the filesystem, preventing them from interfering with each other's files or the host's files. However, they don't directly prevent a container from sending signals to a host process if it knows the host process ID.
Other types of namespaces are Interprocess Communication (IPC) and UNIX Time-Sharing (UTS).
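
The following Python example is added here and is not from the original page. It compares a process's /proc/<pid>/ns/ links with the host's to report which namespaces are shared, and reads the NSpid line of /proc/<pid>/status to show the same process's PID in each nested PID namespace. The inode numbers, the sample status text and the function names are constructed for illustration.

```python
import os
import re

# The six namespace types named above, as they appear under /proc/<pid>/ns/.
NS_TYPES = ("pid", "net", "user", "mnt", "ipc", "uts")
_LINK = re.compile(r"^(\w+):\[(\d+)\]$")

def parse_ns_link(target):
    """Parse a /proc/<pid>/ns/* symlink target such as 'pid:[4026531836]'."""
    m = _LINK.match(target.strip())
    if not m:
        raise ValueError(f"not a namespace link: {target!r}")
    return m.group(1), int(m.group(2))

def read_ns(pid, proc="/proc"):
    """Namespace inode per type for a live process (needs read access to it)."""
    return {ns: parse_ns_link(os.readlink(f"{proc}/{pid}/ns/{ns}"))[1]
            for ns in NS_TYPES}

def parse_nspid(status_text):
    """PIDs from the NSpid line of /proc/<pid>/status, outermost namespace first."""
    for line in status_text.splitlines():
        if line.startswith("NSpid:"):
            return [int(field) for field in line.split()[1:]]
    return []

def audit(host_ns, proc_ns):
    """Compare a process's namespaces with the host's (PID 1 on the host)."""
    shared = sorted(ns for ns in NS_TYPES if host_ns[ns] == proc_ns[ns])
    return {
        "shared_with_host": shared,
        # Only a separate PID namespace keeps host PIDs out of reach of kill();
        # when it is shared, just the usual permission checks remain.
        "host_pids_addressable": "pid" in shared,
    }

# Constructed sample data (inode numbers are made up for illustration).
HOST = {"pid": 4026531836, "net": 4026531840, "user": 4026531837,
        "mnt": 4026531841, "ipc": 4026531839, "uts": 4026531838}
ISOLATED = {"pid": 4026532501, "net": 4026532504, "user": 4026532499,
            "mnt": 4026532500, "ipc": 4026532503, "uts": 4026532502}
# Same container, but configured to share the host's PID namespace.
SHARES_PID = dict(ISOLATED, pid=HOST["pid"])
# Host-side view of the container's first process: host PID 4242, PID 1 inside.
SAMPLE_STATUS = "Name:\tnginx\nPid:\t4242\nNSpid:\t4242\t1\n"

if __name__ == "__main__":
    for name, ns in (("isolated", ISOLATED), ("shares host PID ns", SHARES_PID)):
        print(name, audit(HOST, ns))
    print("PID per namespace level:", parse_nspid(SAMPLE_STATUS))
```

On a live host, audit(read_ns(1), read_ns(pid)) performs the same comparison for a running container process, given permission to read its /proc entries.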