> So there are 2 cases: > * full isolation : restriction on VPS > * partial isolation : no restriction but *perhaps* problem when migrating > > Looks like we need an option per namespace to reduce the isolation for > af_unix sockets :) > - on (default): current behaviour => full isolation > - off : partial isolation You mean some sysctl, that enables/disables this check in unix_find_socket_byinode? _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers