Trond Myklebust <trond.myklebust@xxxxxxxxxx> writes: > Finally, what happens if someone decides to set up a private socket > namespace, using CLONE_NEWNET, without also using CLONE_NEWNS to create > a private mount namespace? Would anyone have even the remotest chance in > hell of figuring out what filesystem is mounted where in the ensuing > chaos? Good question. Multiple NFS servers with the same ip address reachable from the same machine sounds about as nasty pickle as it gets. The only way I can even imagine a setup like that is someone connecting to a vpn. So they are behind more than one NAT gateway. Bleh NAT sucks. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
