[Devel] [PATCH] cred: add ve_capable to check capabilities relative to the current VE (v2)
Vladimir Davydov
vdavydov at parallels.com
Tue Sep 1 06:46:10 PDT 2015
On Tue, Sep 01, 2015 at 04:59:59PM +0400, Andrew Vagin wrote:
> We want to allow a few operations in VE. Currently we use nsown_capable,
> but it's wrong, because in this case we allow these operations in any
> user namespace.
>
> v2: take ve0->cred if the currect ve isn't running
>
> Signed-off-by: Andrew Vagin <avagin at openvz.org>
Reviewed-by: Vladimir Davydov <vdavydov at parallels.com>
More information about the Devel
mailing list