On Tue, Apr 22, 2025 at 11:23:17AM +0200, Christian Brauner <brauner@kernel.org> wrote:
> As written this isn't restricted to admin processes though, no? So any
> unprivileged container can open that file O_NONBLOCK and avoid
> synchronous reclaim?
> 
> Which might be fine I have no idea but it's something to explicitly
> point out 

It occurred to me as well but I think this is fine -- changing the
limits of a container is (should be) a privileged operation already
(ensured by file permissions at opening).
IOW, this doesn't allow bypassing the limits to anyone who couldn't have
been able to change them already.

Michal