Re: [lxc-devel] [PATCH 8/8] Add FS_USERNS_FLAG to cgroup fs

On Fri, Jan 29, 2016 at 02:54:11AM -0600, serge.hal...@ubuntu.com wrote: > From: Serge Hallyn > > allowing root in a non-init user namespace to mount it. This should > now be safe, because > > 1. non-init-root cannot mount a previously unbound subsystem > 2. the task

[lxc-devel] [PATCH 8/8] Add FS_USERNS_FLAG to cgroup fs

From: Serge Hallyn allowing root in a non-init user namespace to mount it. This should now be safe, because 1. non-init-root cannot mount a previously unbound subsystem 2. the task doing the mount must be privileged with respect to the user namespace owning the

[lxc-devel] [PATCH 8/8] Add FS_USERNS_FLAG to cgroup fs

From: Serge Hallyn allowing root in a non-init user namespace to mount it. This should now be safe, because 1. non-init-root cannot mount a previously unbound subsystem 2. the task doing the mount must be privileged with respect to the user namespace owning the

[lxc-devel] [PATCH 8/8] Add FS_USERNS_FLAG to cgroup fs

From: Serge Hallyn allowing root in a non-init user namespace to mount it. This should now be safe, because 1. non-init-root cannot mount a previously unbound subsystem 2. the task doing the mount must be privileged with respect to the user namespace owning the

[lxc-devel] [PATCH 8/8] Add FS_USERNS_FLAG to cgroup fs

From: Serge Hallyn allowing root in a non-init user namespace to mount it. This should now be safe, because 1. non-init-root cannot mount a previously unbound subsystem 2. the task doing the mount must be privileged with respect to the user namespace owning the