


























The recents exploits require unprivileged user namespaces. This Debian patch should be considered upstream:
https://github.com/semplice/linux/blob/master/debian/patc...
We need something like kernel.unprivileged_userns_clone=0 because user.max_user_namespaces=0 disables user namespaces also for root.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。