On Mon, Jan 16, 2012 at 11:26 AM, Colin Walters <walters@xxxxxxxxxx> wrote:
> On Sun, 2012-01-15 at 16:37 -0800, Andy Lutomirski wrote:
>
>> Because chroot is an easy way to break out of chroot jail, CAP_SYS_ADMIN
>> is still required if the caller is already chrooted.
>
> This part is pretty gross. It means it won't work for stuff like
> containers (systemd-nspawn etc.) and furthermore I have plans that
> involve running OS trees inside a chroot, and this would obviously not
> work for that.

Agreed. Unprivileged bind mounts would be a much better approach, but
that would need some concept of an unprivileged user owning a namespace.
Maybe the namespace id work would make this work.

--Andy