> > ; mntgen a > > ; bind /env a/env > > ; bind /bin a/bin > > ; bind /proc a/proc > > ; bind a / > > ; ns > > > > consider it a security feature. > > Be it as it may, I still can't quite follow why *manual* pruning > of the entries from the namespace would be forbidden. unmount(2) > takes two strings as arguments, right? It doesn't even need an fd.
because they're not visible. you have to access it in order to unmount it. - erik
