OSS-SEC: Three bypasses of Ubuntu's unprivileged user namespace restrictions