[lxc-devel] [patch 1/1] drop capabilities
Michael Holzt
lxc at my.fqdn.org
Thu Jan 14 21:05:49 UTC 2010
> I've written a patch which adds a new config keyword
> 'lxc.cap.drop'. This keyword allows to specify capabilities which are
> dropped before executing the container binary.
This looks like my approach, and more or less my patch (shouldn't there be a
signed-off-by line with me in it?).
Maybe i've missed part of the discussion but i can't remember that it was
decided to use this approach. So maybe you can explain?
Regards,
Michael
--
It's an insane world, but i'm proud to be a part of it. -- Bill Hicks
More information about the lxc-devel
mailing list