On Tue, Oct 27, 2020 at 08:22:11PM +0300, Kirill Tkhai wrote:
> 1)Before my commit there also were different checks
>
> !capable(CAP_SYS_RESOURCE))
> and
> uid_eq(cred->uid, make_kuid(ns, 0)) && gid_eq(cred->gid, make_kgid(ns,
> 0))
>
> so it is not the initial reason. The commit e
On 27.10.2020 15:11, Michael Kerrisk (man-pages) wrote:
> Hello Nicolas, Cyrill, and others,
>
> @Nicolas, your commit ebd6de6812387a changed the capability
> requirements for the prctl_set_mm_exe_file() operation from
>
> ns_capable(CAP_SYS_ADMIN)
>
> to
>
> ns_capable(CAP_SYS_ADMIN)
On Tue, Oct 27, 2020 at 1:11 PM Michael Kerrisk (man-pages)
wrote:
> @Nicolas, your commit ebd6de6812387a changed the capability
> requirements for the prctl_set_mm_exe_file() operation from
>
> ns_capable(CAP_SYS_ADMIN)
>
> to
>
> ns_capable(CAP_SYS_ADMIN) || ns_capable(CAP_CHECKPOINT_RES
On Tue, Oct 27, 2020 at 01:11:40PM +0100, Michael Kerrisk (man-pages) wrote:
> Hello Nicolas, Cyrill, and others,
>
> @Nicolas, your commit ebd6de6812387a changed the capability
> requirements for the prctl_set_mm_exe_file() operation from
>
> ns_capable(CAP_SYS_ADMIN)
>
> to
>
> ns_ca
Hello Nicolas, Cyrill, and others,
@Nicolas, your commit ebd6de6812387a changed the capability
requirements for the prctl_set_mm_exe_file() operation from
ns_capable(CAP_SYS_ADMIN)
to
ns_capable(CAP_SYS_ADMIN) || ns_capable(CAP_CHECKPOINT_RESTORE).
That's fine I guess, but while looki
5 matches
Mail list logo
