To clarify, it's actually the kernel CLONE_NEW* interfaces that I'm concerned with. There are troublesome leakages in /proc/sys for example. Given the LTS nature of Lucid, I'd really like lxc (and really, the kernel) more time to shake out some of these issues. As an example: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0e1a6ef2dea88101b056b6d9984f3325c5efced3 When compared to other new kernel interfaces, I think this is prudent (i.e. eCryptfs has had several nasty security issues since it started seeing more use, but we kept implementations out of main for a few cycles).
-- [MIR] lxc https://bugs.launchpad.net/bugs/509647 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
