[$] Resource limits in user namespaces

Post Syndicated from original https://lwn.net/Articles/842842/rss

User namespaces provide a number of
interesting challenges for the kernel. They give a user the illusion of
owning the system, but must still operate within the restrictions that
apply outside of the namespace. Resource
limits
represent one type of
restriction that, it seems, is proving too restrictive for some users. This
patch set
from Alexey Gladkov attempts to address the problem by way of
a not-entirely-obvious approach.