diff options
author | Andrei Vagin <avagin@google.com> | 2019-04-09 11:30:35 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2019-04-09 11:31:57 -0700 |
commit | 93b3c9b76c16104cbb5cc55b6f2339cb43c356b5 (patch) | |
tree | 419f3e209fecb5d9a6de8991531a7465918d9a36 /pkg/sentry/fs/fsutil/inode.go | |
parent | eaac2806ffadbb3db6317e58c61b855b1350f0aa (diff) |
runsc: set UID and GID if gofer is executed in a new user namespace
Otherwise, we will not have capabilities in the user namespace.
And this patch adds the noexec option for mounts.
https://github.com/google/gvisor/issues/145
PiperOrigin-RevId: 242706519
Change-Id: I1b78b77d6969bd18038c71616e8eb7111b71207c
Diffstat (limited to 'pkg/sentry/fs/fsutil/inode.go')
0 files changed, 0 insertions, 0 deletions