casipw comments

Repositories
Issues
Comments

Results 2 comments of


                                            casipw

user-id mapping, or running bwrap as a different user

Hi, I had the same thoughts and found these sources: There is the sysctl setting `kernel.unprivileged_userns_clone` which allows unprivileged users to create new user namespaces. It is disabled on some...

Can't use a custom uid/gid in the sandbox together with --dev

> Is this [the same patch Debian uses](https://salsa.debian.org/kernel-team/linux/blob/master/debian/patches/debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch)? [Yes](https://wiki.archlinux.org/index.php/Linux_Containers#Enable_support_to_run_unprivileged_containers_(optional)). I ended up recognizing the advantages of setuid (posted that in #181), so this issue is not relevant to me any...