Re: [PATCH][CFT] per-process namespaces for Linux

[Albert D. Cahalan]

Alexander Viro writes:

>       * CLONE_NEWNS is made root-only (CAP_SYS_ADMIN, actually)

Would an unprivileged version that killed setuid be OK to have?

Evil idea of the day: non-directory (even non-existant) mount points and
non-directory mounts. So then "mount --bind /etc/foo /dev/bar" works.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/