[$] A capability set for user namespaces
Date:
Thu, 20 Jun 2024 18:37:44 +0000
Description:
User namespaces in Linux create an environment in which all privileges
are granted, but their effect is contained within the namespace; they
have become an important tool for the implementation of containers.
They have also become a significant source of worries for people who do
not like the increased attack surface they create for the kernel.
Various attempts have been made to restrict that attack surface over the
years; the latest is user namespace capabilities, posted by Jonathan
Calmels.
======================================================================
Link to news story:
https://lwn.net/Articles/978846/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)