[Devel] [RFC rhel7] Disabling mounting cgroups from inside of container

Mon Jan 18 00:32:46 PST 2016

On Sun, Jan 17, 2016 at 01:12:25AM +0300, Cyrill Gorcunov wrote:
> > 
> > Yeah, probably not so many programs does so.
> > But forbidding such functionality in a container looks very aggressive for me.
> 
> I would take the reserse, grip everything and relax requirements only
> where really need.
> 
> Stas, lets continue talking on monday, i'll be out tomorrow most probably.
> 

So I'm back. Still think disabling mountings is a win.