[arch-general] user namespaces

sivmu sivmu at web.de
Thu Feb 2 04:13:46 UTC 2017



Am 02.02.2017 um 05:10 schrieb Maxwell Anselm via arch-general:
>>
>> All those distros, everyone except arch has decided at some point to no
>> longer restrict the use of unprivileged user namespaces.
>>
> 
> In no way whatsoever does Arch restrict the use of unprivileged user
> namespaces. Rebuilding your kernel with them enabled is a trivial task for
> any user familiar with ABS. If you feel this strongly about it please write
> a wiki article about the benefits/tradeoffs and link it with the relevant
> application articles (Firejail, Security, etc.).
> 
> Max
> 

This issue is about the default arch kernel disabling user namespaces
and the consequence that many applications have to use insecure
workarounds like suid to still work on arch.

This has nothing to do with the gernal ability to user user namespaces
on arch, this is about the default kernel.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20170202/0d6fa318/attachment-0001.asc>


More information about the arch-general mailing list