On 9/7/07, Eric Van Hensbergen <ericvh@gmail.com> wrote:

Linux actually has private namespaces, its just off by default. There
is a flag to clone which can be used to establish new processes in
private namespaces (CLONENS or some such thng).

Primary downside is that its superuser only -- but you could get
around it with setuid or custom kernel.

-eric

Then you have to worry about what happens when people do things like binding over /etc/passwd :-)