Comment 2 for bug 2034448

Aleksandr Mikhalitsyn (mihalicyn) wrote :

Small remark. If you expose /sys/fs/bpf from the host, it can be a security issue. For example, if we have a bpf iterator program loaded on the host and then pinned to a file in /sys/fs/bpf, then this file will be accessible from inside the container, and the container can read data that is not supposed to be accessible by anyone except the host root user.
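An added example, not part of the comment above or of the project's code: a check that compares `mountinfo` from the host and from a container to see whether the container's bpffs is the host's instance. It assumes that a freshly mounted bpffs gets its own `major:minor` device number while a bind mount of the host's /sys/fs/bpf keeps the host's number; the mountinfo text and device numbers below are constructed samples.

```python
# Constructed mountinfo samples (format of /proc/<pid>/mountinfo); not from the bug report.
HOST_MOUNTINFO = """\
25 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
38 24 0:31 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime shared:9 - bpf bpf rw,mode=700
"""
# Container whose /sys/fs/bpf is a bind mount of the host instance (same device 0:31).
CONTAINER_SHARED = """\
410 380 0:55 / / rw,relatime - overlay overlay rw
422 415 0:31 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime - bpf bpf rw,mode=700
"""
# Container that mounted its own bpffs instance (assumed distinct device 0:72).
CONTAINER_PRIVATE = """\
410 380 0:55 / / rw,relatime - overlay overlay rw
431 415 0:72 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime - bpf none rw,mode=700
"""


def bpffs_mounts(mountinfo_text):
    """Return [(major:minor, root, mount_point)] for every mount of type bpf."""
    found = []
    for line in mountinfo_text.splitlines():
        fields = line.split()
        try:
            # Optional fields end at a lone "-"; the filesystem type follows it.
            sep = fields.index("-", 6)
        except ValueError:
            continue  # blank or malformed line
        if len(fields) > sep + 1 and fields[sep + 1] == "bpf":
            found.append((fields[2], fields[3], fields[4]))
    return found


def shared_with_host(host_text, container_text):
    """Mount points in the container backed by a bpffs instance the host also mounts."""
    host_devices = {dev for dev, _root, _mp in bpffs_mounts(host_text)}
    return [mp for dev, _root, mp in bpffs_mounts(container_text)
            if dev in host_devices]


if __name__ == "__main__":
    for name, text in (("shared", CONTAINER_SHARED), ("private", CONTAINER_PRIVATE)):
        hits = shared_with_host(HOST_MOUNTINFO, text)
        print(name, "-> host bpffs visible at", hits if hits else "nowhere")
```

On a live system the two inputs would be the host's /proc/self/mountinfo and /proc/<pid>/mountinfo for a process inside the container.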