On Fri, 2005-05-13 at 02:10, Miklos Szeredi wrote:
> > dentry = file->f_dentry;
> > mnt = file->f_vfsmnt;
> > inode = dentry->d_inode;
> > + if(mnt->mnt_namespace != current->namespace)
> > + goto out_putf;
> >
> > error = -ENOTDIR;
> > if (!S_ISDIR(inode->i_mode))
> >
>
> Does this actually fix the problem? The open is done in the right
> namespace, and mount() doesn't call open().
Right but this fix disallows fchdir into a directory belonging to
a different namespace. And hence would disallow the ability to
cross mount across namespaces.
RP
>
> I think the right fix is something like this:
>
> Index: linux/fs/namespace.c
> ===================================================================
> --- linux.orig/fs/namespace.c 2005-05-13 11:03:50.000000000 +0200
> +++ linux/fs/namespace.c 2005-05-13 11:05:06.000000000 +0200
> @@ -160,7 +160,7 @@ clone_mnt(struct vfsmount *old, struct d
> mnt->mnt_root = dget(root);
> mnt->mnt_mountpoint = mnt->mnt_root;
> mnt->mnt_parent = mnt;
> - mnt->mnt_namespace = old->mnt_namespace;
> + mnt->mnt_namespace = current->namespace;
>
> /* stick the duplicate mount on the same expiry list
> * as the original if that was on one */
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
