The trouble with symbolic links

Posted Jul 8, 2022 5:13 UTC (Fri) by matthias (subscriber, #94967)
In reply to: The trouble with symbolic links by Hello71
Parent article: The trouble with symbolic links

> actually, i'm not sure there's anything theoretically preventing adding mount namespaces to the long list of reset-on-suid-exe states.

Are you suggesting that if someone calls a suid binary inside a container, the binary should not use the mount namespace of the container but the root mount namespace instead?