Comment 7 for bug 1783591

Matthias Gerstner (mgerstner) wrote :

I have looked at the patch and security-wise it looks very good to me. For completeness I would also add the O_CLOEXEC, i.e.:

netns_fd = open(args.pid, O_PATH | O_CLOEXEC);

I think there is still a functional issue, however. You are using `fstatvfs()` and evaluating `f_fsid`. This is, as far as I understand, a unique identifier for file systems independent of their file system type. It returns zero for pseudo file systems.

To get the file system magic you need to use `fstatfs()` and evaluate `f_type` instead.
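
The check described in the comment above, as an added example that is not part of the patch under review or of the original comment: it opens a path with `O_PATH | O_CLOEXEC` and compares the `f_type` returned by `fstatfs()` against an expected magic. The helper names `fs_magic_of` and `path_is_on_fs` are hypothetical, and `/proc` with `PROC_SUPER_MAGIC` is only a sample file system, assumed here for illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/statfs.h>   /* fstatfs(), struct statfs: f_type */
#include <sys/statvfs.h>  /* fstatvfs(), struct statvfs: f_fsid */
#include <linux/magic.h>  /* PROC_SUPER_MAGIC and other magics */

/* Hypothetical helper: store the file system magic of `path` in *magic.
 * Returns 0 on success, -1 on error. */
int fs_magic_of(const char *path, unsigned long *magic)
{
    struct statfs sfs;
    /* O_PATH: no access to file contents; O_CLOEXEC: not inherited on exec. */
    int fd = open(path, O_PATH | O_CLOEXEC);
    if (fd < 0)
        return -1;
    int ret = fstatfs(fd, &sfs);  /* accepted on O_PATH fds since Linux 3.12 */
    close(fd);
    if (ret < 0)
        return -1;
    *magic = (unsigned long)sfs.f_type;
    return 0;
}

/* Hypothetical helper: 1 if `path` is on a file system with magic `expected`,
 * 0 if it is on another one, -1 on error. */
int path_is_on_fs(const char *path, unsigned long expected)
{
    unsigned long magic;
    if (fs_magic_of(path, &magic) < 0)
        return -1;
    return magic == expected;
}

int main(void)
{
    struct statvfs svfs;
    unsigned long magic;
    int fd = open("/proc", O_PATH | O_CLOEXEC);
    if (fd < 0 || fstatvfs(fd, &svfs) < 0 || fs_magic_of("/proc", &magic) < 0) {
        perror("/proc");
        return 1;
    }
    close(fd);
    /* Side by side: f_fsid is a file system ID, f_type is the magic number. */
    printf("fstatvfs f_fsid = %#lx\n", svfs.f_fsid);
    printf("fstatfs  f_type = %#lx\n", magic);
    return path_is_on_fs("/proc", PROC_SUPER_MAGIC) == 1 ? 0 : 1;
}
```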