On 24/02/2013, andrey mirtchovski <mirtchov...@gmail.com> wrote:
> i think you're misunderstanding what private namespaces do,

Fuck, yes. Sorry. The idea seemed so perfect in my mind, and so "obvious" that it didn't seem necessary to actually test it.

> but rather than explain why nobody else can see your 'local filesystem' when
> you've cpu-ed somewhere

I should say I'm thinking of cases where the listener for cpu has been modified or replaced by a malicious one that knows how to do that stuff. Export its /mnt/term outside of its private namespace for other programs to see.