[lxc-devel] [PATCH] Unshare user namespace as well
Mikhail Gusarov
dottedmag at dottedmag.net
Tue May 4 20:09:49 UTC 2010
Daniel.
>> Unshare user namespace to make sure setrlimit and other per-user
>> limits are accounted properly in containers
[skip]
DL> I am not sure to see all the implications of having this namespace
DL> by default, especially for application containers which can be
DL> executed by non-root user. I think it would make sense to make this
DL> flag optional with the configuration.
Fully agree. I don't use LXC at the moment, so don't expect new patch
From me -- I will scratch one when I get to using LXC again unless
someone else implements it before.
--
http://fossarchy.blogspot.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20100505/59cb194d/attachment.pgp>
More information about the lxc-devel
mailing list