Merge pull request #1594 from brauner/2017-05-27/new_readme

README: reword id mapping restrictions when unpriv

Merge pull request #1594 from brauner/2017-05-27/new_readme
f6104dff · Serge Hallyn · GitHub · 486e37c8 · ac8f64dc · f6104dff
Commit f6104dff authored May 28, 2017 by Serge Hallyn Committed by GitHub May 28, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 4 deletions

README.md README.md +4 -4

No files found.
--- a/README.md
+++ b/README.md
@@ -70,10 +70,10 @@ quite restricted. Just to highlight the two most common problems:
   inside of the container will not be able to boot up correctly.
 2. User Namespaces: As outlined above, user namespaces are a big security
-   enhancement. However, users which are unprivileged on the host will only be
+   enhancement. However, without relying on privileged helpers users who are
-   able to establish a mapping for their own UID if they do not rely on
+   unprivileged on the host are only permitted to map their own UID into
-   privileged helpers. A standard POSIX system however, requires 65536 UIDs and
+   a container. A standard POSIX system however, requires 65536 UIDs and GIDs
-   GIDs to be available to guarantee full functionality.
+   to be available to guarantee full functionality.
 ## Configuration