On Wed, Jul 15, 2020 at 04:49:52PM +0200, Adrian Reber wrote: > Opening files in /proc/pid/map_files when the current user is > CAP_CHECKPOINT_RESTORE capable in the root namespace is useful for > checkpointing and restoring to recover files that are unreachable via > the file system such as deleted files, or memfd files. > > Signed-off-by: Adrian Reber <areber@xxxxxxxxxx> > Signed-off-by: Nicolas Viennot <Nicolas.Viennot@xxxxxxxxxxxx> I still have a plan to make this code been usable without capabilities requirements but due to lack of spare time for deep investigation this won't happen anytime soon. Thus the patch looks OK to me, fwiw Reviewed-by: Cyrill Gorcunov <gorcunov@xxxxxxxxx>
