Andrei Vagin writes:
> On Mon, Dec 19, 2016 at 03:38:35PM +0100, Michael Kerrisk (man-pages) wrote:
>> @@ -174,6 +175,11 @@ static long ns_ioctl(struct file *filp, unsigned int
>> ioctl,
>> return open_related_ns(ns, ns->ops->get_parent);
>> case NS_GET_NSTYPE:
>>
Hi Andrei,
On 12/21/2016 04:13 AM, Andrei Vagin wrote:
> On Mon, Dec 19, 2016 at 03:38:35PM +0100, Michael Kerrisk (man-pages) wrote:
>> # Some open questions about this patch below.
>> #
>> One of the rules regarding capabilities is:
>>
>> A process that resides in the parent of the user name
On Mon, Dec 19, 2016 at 03:38:35PM +0100, Michael Kerrisk (man-pages) wrote:
> # Some open questions about this patch below.
> #
> One of the rules regarding capabilities is:
>
> A process that resides in the parent of the user namespace and
> whose effective user ID matches the owner of t
# Some open questions about this patch below.
#
One of the rules regarding capabilities is:
A process that resides in the parent of the user namespace and
whose effective user ID matches the owner of the namespace has
all capabilities in the namespace.
Therefore, in order to write cod
4 matches
Mail list logo
