Quoting Paul Menage (menage@xxxxxxxxxx): > On Thu, Jul 2, 2009 at 9:37 AM, Serge E. Hallyn<serue@xxxxxxxxxx> wrote: > > > > 1. the only way it won't outlive the open file is if the > > task opens the file, hands the open fd over a > > unix socket, then exits as the last task of its > > pidns > > Right. > > > 2. We don't dereference the pid_ns, so there is no actual > > safety issue. So it would become a problem only > > if a new pidns gets created at that same address > > Which is fairly likely given that pid_namespace is allocated from a > specific cache. > > Paul The scenario as a whole is still pretty unlikely, but there's just no reason to risk it. -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
