Linux Containers - User Namespace

The core of the user namespace is simply a separate uid table per namespace, so that uid 500 can refer to a different user in each virtual server.

Uids are compared to mediate many operations, including file access and signalling. These checks are complicated by the fact that uid 0 is usually allowed to circumvent them.

The current set of patches makes some assumptions which have so far been rejected:

Some have argued that a different approach is preferable: slowly augment every (uid1==uid2) check to (uid1==uid2 && uidns1==uidns2) before actually defining uid namespaces.
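As an added example, not part of this page or of the patch set it describes: a small user-space model in C of the uid translation a user namespace performs, using the "inside outside length" extent format that later kernels adopted for /proc/PID/uid_map. The namespace layouts (init_ns, vs1, vs2), the function names and the flattened kuid type are constructed for illustration and are not the kernel's own. It shows why uid 500 in two virtual servers are different users, why the (uid1==uid2 && uidns1==uidns2) check collapses to a single comparison once both uids are mapped to global ids, and why root inside a namespace does not override objects owned by uids the namespace cannot see.

```c
/* Added example: model of per-namespace uid tables (not kernel code). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define OVERFLOW_UID 65534u            /* default kernel.overflowuid */
#define INVALID_UID  ((uint32_t)-1)    /* "no mapping" marker */

/* One extent of a uid_map line: `first_inside first_outside count` */
struct uid_extent { uint32_t first_inside, first_outside, count; };

/* A user namespace is just its table of extents (assumed layout). */
struct uid_ns {
    const char *name;
    struct uid_extent map[4];
    int nr_extents;
};

/* Global id as the kernel sees it; simplified to a plain integer here. */
typedef uint32_t kuid_t;

/* Constructed namespaces: the initial namespace maps ids 1:1, while
 * two virtual servers each map their inside uids 0..65535 onto a
 * disjoint block of global ids. */
static const struct uid_ns init_ns = { "init", { {0, 0, UINT32_MAX} }, 1 };
static const struct uid_ns vs1 = { "vs1", { {0, 100000, 65536} }, 1 };
static const struct uid_ns vs2 = { "vs2", { {0, 200000, 65536} }, 1 };

/* Inside uid -> global kuid (map_id_down). Unmapped ids are invalid. */
kuid_t make_kuid(const struct uid_ns *ns, uint32_t uid)
{
    for (int i = 0; i < ns->nr_extents; i++) {
        const struct uid_extent *e = &ns->map[i];
        if (uid >= e->first_inside && uid - e->first_inside < e->count)
            return e->first_outside + (uid - e->first_inside);
    }
    return INVALID_UID;
}

/* Global kuid -> inside uid (map_id_up), INVALID_UID if not visible. */
uint32_t from_kuid(const struct uid_ns *ns, kuid_t kuid)
{
    for (int i = 0; i < ns->nr_extents; i++) {
        const struct uid_extent *e = &ns->map[i];
        if (kuid >= e->first_outside && kuid - e->first_outside < e->count)
            return e->first_inside + (kuid - e->first_outside);
    }
    return INVALID_UID;
}

/* What a process inside ns reports for an unmapped owner (e.g. stat()). */
uint32_t from_kuid_munged(const struct uid_ns *ns, kuid_t kuid)
{
    uint32_t uid = from_kuid(ns, kuid);
    return uid == INVALID_UID ? OVERFLOW_UID : uid;
}

/* The page's (uid1==uid2 && uidns1==uidns2) rule: resolving both sides
 * through their own table makes it one comparison of global ids. */
bool same_user(const struct uid_ns *ns1, uint32_t uid1,
               const struct uid_ns *ns2, uint32_t uid2)
{
    kuid_t k1 = make_kuid(ns1, uid1), k2 = make_kuid(ns2, uid2);
    return k1 != INVALID_UID && k1 == k2;
}

/* The uid 0 caveat, namespaced: root inside ns may only override checks
 * on objects whose owner the namespace actually maps. Real root's files
 * (kuid 0) are simply not visible from vs1 or vs2. */
bool ns_root_overrides(const struct uid_ns *ns, kuid_t owner)
{
    return from_kuid(ns, owner) != INVALID_UID;
}

int main(void)
{
    printf("uid 500 in %s -> kuid %u\n", vs1.name, make_kuid(&vs1, 500));
    printf("uid 500 in %s -> kuid %u\n", vs2.name, make_kuid(&vs2, 500));
    printf("same user? %s\n", same_user(&vs1, 500, &vs2, 500) ? "yes" : "no");
    printf("kuid 0 seen from %s: %u\n", vs1.name, from_kuid_munged(&vs1, 0));
    printf("root in %s overrides kuid 0? %s\n", vs1.name,
           ns_root_overrides(&vs1, 0) ? "yes" : "no");
    return 0;
}
```

The model is the translation step the page's "separate uid tables" imply; the real kernel additionally checks capabilities against the namespace that owns the object, which this example does not attempt to reproduce.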