On Fri, Nov 30, 2018 at 08:48:11AM -0600, Eric W. Biederman wrote:
> Luis Chamberlain <mcgrof@xxxxxxxxxx> writes:
>
> > The logic seems sensible then, but are we implicating what a container
> > does with its sysctl values onto the entire system? If so, sure, it
> > seems you want this for networking purposes as there are a series of
> > sysctl values a container may want to muck with, but are we sure we
> > want the same for *all* sysctl entries?
>
> No. Please look at the patch again. It sets the default uid and gid
> for sysctl entries to 0. AKA GLOBAL_ROOT_UID and GLOBAL_ROOT_GID
> because there is a bug and they were not set to that value.
>
> Those are the uids and gids that are tested against. It just happens
> you have to be in a weird configuration for this bug to become a problem.

Thanks, then provided the commit log is modified:

Acked-by: Luis Chamberlain <mcgrof@xxxxxxxxxx>

  Luis