Do we have a strong reason to start handling crashes inside of "non-full" containers on stable Ubuntu releases? I'm specifically talking about when this conditional evaluates to True:
elif not is_same_ns(host_pid, "pid") and is_same_ns(host_pid, "mnt"):
If there's no strong reason, can we only enable that in Bionic?
Also, did you test that with the PoC in bug 1726372? I'm fairly certain that it'll create a core dump in /tmp (/tmp/core) which is new/undesired.