Hi, assuming this compiles and does the right thing at runtime (I haven't had time to test it, but from reading the source it looks fine) and as discussed in this thread you will slightly improve it later:
Am 20.11.2013 15:07, schrieb Nikola Kotur: > There are scenarios in which we want to execute process with specific > privileges elevated. > > An example for this might be executing a process inside the container > securely, with capabilities dropped, but not in container's cgroup so > that we can have per process restrictions inside single container. > > Similar to namespaces, privileges to be elevated can be OR'd: > > lxc-attach --elevated-privileges='CAP|CGROUP' ... > > Backward compatibility with previous versions is retained. In case no > privileges are specified behaviour is the same as before: all of them > are elevated. > > Signed-off-by: Nikola Kotur <kotn...@gmail.com> Acked-By: Christian Seiler <christ...@iwakd.de> -- Christian ------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
