[PATCH v2] Enable namespaced file capabilities

2017-07-11 Thread Stefan Berger
From: Stefan Berger

The primary goal of the following patch is to enable file capabilities in user namespaces without affecting the file capabilities that are effective on the host. This is to prevent that any unprivileged user on the host maps his own uid to root in a private namespace, writes