> > > > Bind mount from a foreign namespace results in
> > >
> > > ... -EINVAL
> >
> > Wrong answer. Look again, you wrote the code, so you _should_ know ;)
>
> I guess Al agrees that bind mount from foreign namespace must be
> disallowed.
>
> Which means what Jamie pointed to was right. Attached the patch which
> fixes it.
You are very quick fixing things which are not broken :)
And BTW Jamie was saying, the checks should be removed, not that more
checks should be added (as your patch does).
Jamie Lokier wrote:
> I agree about the bug (and it's why I think the current->namespace
> checks in fs/namespace.c should be killed - the _only_ effect is to
> make un-removable mounts like the above, and the checks are completely
> redundant for "normal" namespace operations).
The checks are actually not redundant, but only because of locking
reasons, not because of security reasons. So I agree with Jamie, that
in the long run it makes sense to relax those checks.
Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
