Yes absolutely that is what I am trying to achieve. > Is it possible to build a secure container by using cgroups? My goal > is to achieve a file system namespace container that will limit the > file system view given to a process similar to chroot does but of > course has to be secure. You'll have to be a bit more specific than that. Do you want to make absolutely sure that certain containers have absolutely no access to certain fs namespaces? -- Dave _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers