namespaces.7: Clarify a detail in permissions for writing to user namespace map files

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2013-02-19 04:22:16 +01:00
parent cfc50babe7
commit 8e5924c0a9
1 changed files with 2 additions and 0 deletions

@ -660,6 +660,8 @@ The process must have the
.BR CAP_SETUID
.RB ( CAP_SETGID )
capability in the parent user namespace.
This prevents an unprivileged process from mapping to arbitrary UIDs (GIDs)
in the parent user namespace.
There is an exception to this requirement:
a process writing to
.I uid_map
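
Review bot: The new rationale sentence ("This prevents an unprivileged process from mapping to arbitrary UIDs (GIDs) in the parent user namespace.") lands between the capability requirement and "There is an exception to this requirement:", so "this requirement" no longer directly follows the sentence it refers to. Consider rewording the follow-up as "There is an exception to the capability requirement:" or attaching the rationale to the requirement sentence itself. A smaller wording point in the same sentence: "mapping to arbitrary UIDs (GIDs)" could be read as an action on running processes, whereas the commit subject says the restriction concerns writing the map files; "defining a mapping to arbitrary UIDs (GIDs)" would make that explicit.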