Re commit d95debbdc528 fixing CLONE_NEWTIME to work in clone()...
I note that sys_tz in kernel/time/time.c does not appear to be namespaced?
You might want to at least fail trying to set it outside of the root time
namespace. (Line 186, unless security_settime64() is already doing that?)
Rob