> I know of at least two projects that enter user namespaces without the > necessary care, one of them is LXC. > > > > There is room for improvement in this area but I don't see how this > > qualifies as a CVE. > > I think I agree with that.
If there are projects that screw it up then there should be a CVE - it just needs someone to update the CVE to indicate where the actual flaw is. Alan
