On 02/17/2011 04:03 PM, Serge E. Hallyn wrote: > ptrace is allowed to tasks in the same user namespace according to > the usual rules (i.e. the same rules as for two tasks in the init > user namespace). ptrace is also allowed to a user namespace to > which the current task the has CAP_SYS_PTRACE capability. > > Changelog: > Dec 31: Address feedback by Eric: > . Correct ptrace uid check > . Rename may_ptrace_ns to ptrace_capable > . Also fix the cap_ptrace checks. > Jan 1: Use const cred struct > Jan 11: use task_ns_capable() in place of ptrace_capable(). > > Signed-off-by: Serge E. Hallyn<serge.hallyn@xxxxxxxxxxxxx> Acked-by: Daniel Lezcano <daniel.lezcano@xxxxxxx> _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
