User namespace work (at least for root to start containers in user
namespaces, which is what this bug is about) have been working in lxc
for some time. You do need a custom kernel, but this bug is against
lxc, so I'm marking it fix released.
** Changed in: lxc (Ubuntu)
Status: Triaged => F
Ah, yes I've read about the work on namespaces, but always with
reference to protecting the host from the container. I'd not seen
anything about protecting the container from unprivileged users on the
host.
Thanks for the clarification, and prioritization.
--
You received this bug notification
