mirror of https://github.com/mkerrisk/man-pages
namespaces.7: Clarify a detail in permissions for writing to user namespace map files
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
cfc50babe7
commit
8e5924c0a9
|
@ -660,6 +660,8 @@ The process must have the
|
|||
.BR CAP_SETUID
|
||||
.RB ( CAP_SETGID )
|
||||
capability in the parent user namespace.
|
||||
This prevents an unprivileged process from mapping to arbitrary UIDs (GIDs)
|
||||
in the parent user namespace.
|
||||
There is an exception to this requirement:
|
||||
a process writing to
|
||||
.I uid_map
|
||||
|
|
Loading…
Reference in New Issue