Following is a set of user namespace patches I've been playing with this week. The first two patches are I believe fixes which should go in regardless of which direction user namespaces take. The rest of the patches are one approach to providing default cross-userns isolation for files. Any filesystem can provide its own intelligent cross-userns userid equivalence checks by defining its own permission function, which is what Eric and I have been talking about doing. The next step is probably to handle some of the task-to-task cross-userns checks. Comments appreciated. thanks, -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
