
Tinnes: Introducing Chrome's next-generation Linux sandbox


Posted Sep 10, 2012 17:42 UTC (Mon) by hibiscus (subscriber, #86633)
In reply to: Tinnes: Introducing Chrome's next-generation Linux sandbox by mezcalero
Parent article: Tinnes: Introducing Chrome's next-generation Linux sandbox

- Yeah, CLONE_NEWNS + mount should work too, but I think there were unwanted side effects. Perhaps problems with clean-up? There shouldn't be; it should be cleaned up when the last process dies. Maybe we didn't want to rely on namespaces, which were quite new, for the main functionality.

- As I tried to explain before, the UID ranges need to be administratively defined, exclusively for the purpose of the sandbox, in the same way that uids are allocated to given users or daemons. I've always been adamant about that.

Also note that uid collisions (from sandboxed processes) are not a big issue: the ptrace check won't pass on a uid-only match, and the processes are marked non-dumpable. Signals would be the biggest issue with collisions.

But anyway, nowadays setuid() doesn't fail anymore, and uid ranges have stayed at the level of POC, deprecated in favor of PID namespaces.
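The comment above leans on a specific kernel rule: a process that has cleared its dumpable flag cannot be ptrace-attached by another process merely because the two share a uid; the tracer needs CAP_SYS_PTRACE. The following C program is an added example, not code from the comment, from LWN or from Chrome's sandbox. It marks a forked child non-dumpable with PR_SET_DUMPABLE and then has the same-uid parent attempt PTRACE_ATTACH, returning the resulting errno. It assumes a Linux host where the caller lacks CAP_SYS_PTRACE and where the Yama ptrace_scope setting still allows a parent to attach to its own child (scope 0 or 1); under those assumptions the attach fails with EPERM for the non-dumpable child and succeeds for the dumpable one.

```c
// Added example: showing why a uid collision alone does not grant ptrace access
// to a non-dumpable sandboxed process. Not from the LWN comment or Chrome's code.
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* Mark the calling process non-dumpable, as the sandboxed renderers are,
 * and return the flag the kernel now reports (0 on success, -1 on error). */
int make_non_dumpable(void) {
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* Fork a child that runs under the same uid as the caller. The child sets its
 * dumpable flag explicitly (0 if `nondumpable`, else 1, since the flag is
 * inherited across fork), reports readiness over a pipe and then sleeps.
 * The parent attempts PTRACE_ATTACH and returns 0 if it succeeded or the
 * errno it failed with (EPERM when the access check refuses). */
int try_attach_child(int nondumpable) {
    int fds[2];
    if (pipe(fds) != 0)
        return -1;

    pid_t pid = fork();
    if (pid < 0)
        return -1;

    if (pid == 0) {
        /* Child: behave like a sandboxed process that hides itself from
         * same-uid tracers, then wait to be inspected. */
        close(fds[0]);
        prctl(PR_SET_DUMPABLE, nondumpable ? 0 : 1, 0, 0, 0);
        char ready = 'r';
        if (write(fds[1], &ready, 1) != 1)
            _exit(1);
        close(fds[1]);
        for (;;)
            pause();
    }

    /* Parent: wait until the child has configured its dumpable flag. */
    close(fds[1]);
    char c;
    if (read(fds[0], &c, 1) != 1) {
        kill(pid, SIGKILL);
        waitpid(pid, NULL, 0);
        close(fds[0]);
        return -1;
    }
    close(fds[0]);

    int result;
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) == 0) {
        result = 0;                  /* attach allowed: child was dumpable */
        waitpid(pid, NULL, 0);       /* collect the attach-induced stop */
        ptrace(PTRACE_DETACH, pid, NULL, NULL);
    } else {
        result = errno;              /* EPERM when the kernel refuses access */
    }

    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return result;
}

int main(void) {
    printf("attach to dumpable child:     errno=%d\n", try_attach_child(0));
    printf("attach to non-dumpable child: errno=%d (EPERM=%d)\n",
           try_attach_child(1), EPERM);
    printf("own dumpable flag after clearing: %d\n", make_non_dumpable());
    return 0;
}
```

The second line of output is the point of the comment: sharing a uid with a sandboxed process is not enough to ptrace it once that process is non-dumpable, so a collision between sandbox uids mostly matters for signals, which carry no equivalent check. Note that clearing the dumpable flag also changes ownership of the process's /proc entries to root, which is the same mechanism that makes /proc/PID/mem and friends unreadable to same-uid peers.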



Tinnes: Introducing Chrome's next-generation Linux sandbox

Posted Sep 10, 2012 21:40 UTC (Mon) by hibiscus (subscriber, #86633)

Small additional note: one issue with CLONE_NEWNS was with Ubuntu's automounter. See https://codereview.chromium.org/3146044.

I don't know if this is fixed in automount yet.

Copyright © 2013, Eklektix, Inc.