on 2012/11/17 00:35, Eric W. Biederman wrote: > From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > > - Pid namespaces are designed to be inescapable so verify that the > passed in pid namespace is a child of the currently active > pid namespace or the currently active pid namespace itself. > > Allowing the currently active pid namespace is important so > the effects of an earlier setns can be cancelled. > > Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> > --- Acked-by: Gao feng <gaofeng@xxxxxxxxxxxxxx> _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
