From 2778995f156948aeae82cbf9a433b32351b507cb Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Wed, 12 Jun 2019 19:13:34 +0900
Subject: [PATCH] Fix dockremap calculation

---
 engine/security/userns-remap.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engine/security/userns-remap.md b/engine/security/userns-remap.md
index 333e897156..fa1e0ec5a1 100644
--- a/engine/security/userns-remap.md
+++ b/engine/security/userns-remap.md
@@ -99,7 +99,7 @@ avoid these situations.
 
     This means that user-namespaced processes started by `testuser` are
     owned by host UID `231072` (which looks like UID `0` inside the
-    namespace) through 296608 (231072 + 65536). These ranges should not overlap,
+    namespace) through 296607 (231072 + 65536 - 1). These ranges should not overlap,
     to ensure that namespaced processes cannot access each other's namespaces.
 
     After adding your user, check `/etc/subuid` and `/etc/subgid` to see if your