It's astounding that anyone thought it was a good idea to add enormous amounts of kernel attack surface via unprivileged user namespaces.
-
-
(this is with lots of false positives, I e.g. also counted occurences in comments)
-
There can be a huge amount of functionality gated behind a single privilege check though. It's difficult to gauge the overall impact.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.