-
Jeff Sharkey authored
For example, when launching into an isolated process, we need to drop all mounts inherited from the root namespace. avc: denied { unmount } for scontext=u:r:zygote:s0 tcontext=u:object_r:fuse:s0 tclass=filesystem permissive=1 Bug: 22192518 Change-Id: Iafbea2c365c1080bdf20d7fa066c304901e582ba24f3bcdb
