rhysre
commented
2 years ago Closing this. Mount namespaces need not be nested, which makes this a fairly hard problem. This issue should be a much broader discussion about how we want to report paths in different mount namespaces (container_id and path tuple?) that will take place in the future.
The file access probes report paths by traversing the tree to the root of the current mount namespace. As per discussion with @m-sample, we should be breaking out of the current mount namespace to the host mount namespace and reporting that path instead.