[RFC][PATCH 00/10] taskstats: Enhancements for precise accounting

Serge E. Hallyn serge at hallyn.com
Sat Sep 25 11:19:28 PDT 2010


Quoting Matt Helsley (matthltc at us.ibm.com):
> I don't think even "root" can see/use pids outside its namespace (without

Just to be clear on this, you're right in what you say, but if a task in a child
pidns still has access to the /proc mount of the parent pidns, then it can see
the pids in there, and get information from them, i.e. /proc/pid/maps.  So
in that sense, some people could misinterpret "see/use pids" and think you
weren't right.

-serge


More information about the Containers mailing list