Subj : [$] A capability set for user namespaces
To   : All
From : LWN.net
Date : Thu Jun 20 2024 19:45:05

[$] A capability set for user namespaces

Date:
Thu, 20 Jun 2024 18:37:44 +0000

Description:
User namespaces in Linux create an
environment in which all privileges are granted, but their effect is
contained within the namespace; they have become an important tool for the
implementation of containers.  They have also become a significant source
of worries for people who do not like the increased attack surface they
create for the kernel.  Various attempts have been made to restrict that
attack surface over the years; the latest is user namespace
capabilities , posted by Jonathan Calmels.

======================================================================
Link to news story:
https://lwn.net/Articles/978846/


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)

.