On Thu, 24 Feb 2011 00:49:01 +0000 "Serge E. Hallyn" <[email protected]> wrote:
> same_or_ancestore_user_ns() was not an appropriate check to > constrain cap_issubset. Rather, cap_issubset() only is > meaningful when both capsets are in the same user_ns. I queued this as a fix against userns-allow-ptrace-from-non-init-user-namespaces.patch, but I get the feeling that it would be better to just drop everything and start again? _______________________________________________ Containers mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/containers _______________________________________________ Devel mailing list [email protected] https://openvz.org/mailman/listinfo/devel
