On 2/22/07, Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote: > > Now it is at least worth investigating if you can leak things if you don't > enter the pid namespace. If you can not leak things that potentially > simplifies big chunks of the problem, and we probably don't need the > intermediate pid namespace, of your suggestion. If you're happy to have your partially-entered process be viewing the system pid namespace rather than (container pid namespace) + (self) then yes, you don't need the intermediate namespace. Paul _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxx https://lists.osdl.org/mailman/listinfo/containers
