Eric W. Biederman [ebiederm@xxxxxxxxxxxx] wrote: | > Anyway, is RESERVED_PIDS meant for initial kernel-threads/daemons - if so | > would it be ok enforce it only in init_pid_ns ? | | It is mean for initial user space daemons, things that start on boot. | | I don't know how much the protection matters at this date, but we have it. Well, since it is not security or other critical restriction, can we allow set_pidmap() a free hand - even in init-pid-ns ? It could prevent a simple subtree C/R of one of the early daemons for debug for instance. Sukadev _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
