Comment 29 for bug 720095

Serge Hallyn (serge-hallyn) wrote :

Actually, this isn't making sense to me. CLONE_NEWNET requires privilege, so this isn't something a random user can exploit. So what is the value in turning netns support off in the kernel as opposed to just stopping vsftpd from using it? (Attached debdiff not tested, but should suffice. I'll test if it will be considered IN PLACE of turning off CONFIG_NET_NS).