Dmitry Torokhov writes:
> On Mon, Aug 8, 2016 at 2:08 PM, Eric W. Biederman
> wrote:
>> Dmitry Torokhov writes:
>>
>>> If net namespace is attached to a user namespace let's make container's
>>> root owner of sysctls
On Mon, Aug 8, 2016 at 2:08 PM, Eric W. Biederman wrote:
> Dmitry Torokhov writes:
>
>> If net namespace is attached to a user namespace let's make container's
>> root owner of sysctls affecting said network namespace instead of global
>> root.
Dmitry Torokhov writes:
> If net namespace is attached to a user namespace let's make container's
> root owner of sysctls affecting said network namespace instead of global
> root.
>
> This also allows us to clean up net_ctl_permissions() because we do not
> need to
If net namespace is attached to a user namespace let's make container's
root owner of sysctls affecting said network namespace instead of global
root.
This also allows us to clean up net_ctl_permissions() because we do not
need to fudge permissions anymore for the container's owner since it now