You are not logged in.
- Topics: Active | Unanswered
#1 2017-01-11 20:32:20
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,597
- Website
Risk/benefit of enabling user namespaces in the kernel
There is quite a discussion in FS#36969 around the risks of enabling user namespaces in the kernel. I'm unclear about several aspects:
*Enabling this option makes LXCs safer but at the cost of decreasing security on the host?
*How contemporary are the arguments against enabling this option now that that FS is several years and many kernel versions old?
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#2 2017-01-11 21:20:07
- loqs
- Member
- Registered: 2014-03-06
- Posts: 17,372
Re: Risk/benefit of enabling user namespaces in the kernel
graysky wrote:
*How contemporary are the arguments against enabling this option now that that FS is several years and many kernel versions old?
https://git.kernel.org/cgit/linux/kerne … b526cc44ef fixed in 4.8.14
Offline