On Friday, March 13, 2020 12:42:15 PM EDT Paul Moore wrote:
> > I think more and more, that more complete isolation is being done,
> > taking advantage of each type of namespace as they become available, but
> > I know a number of them didn't find it important yet to use IPC, PID or
> > user namespaces which would be the only namespaces I can think of that
> > would provide that isolation.
> >
> > It isn't entirely clear to me which side you fall on this issue, Paul.
>
> That's mostly because I was hoping for some clarification in the
> discussion, especially the relevant certification requirements, but it
> looks like there is still plenty of room for interpretation there (as
> usual). I'd much rather us arrive at decisions based on requirements
> and not gut feelings, which is where I think we are at right now.

Certification requirements are that we need the identity of anyone attempting
to modify the audit configuration including shutting it down.

-Steve