[Devel] Re: [RFC][PATCH] ns: Syscalls for better namespace sharing control.
Eric W. Biederman
ebiederm at xmission.com
Fri Feb 26 15:13:47 PST 2010
Oren Laadan <orenl at cs.columbia.edu> writes:
> Can't think of a specific scenario, but I wonder if there would
> be a problem (security or otherwise) with a process that only
> partly belongs to a container, even if for a short time ?
If we can find an instance of that then there are fundamental problems
with setns.
The driving use case right now is for things like network namespaces where
userspace really wants to have several at once, and wants to be able to
control them all.
Eric
_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
More information about the Devel
mailing list