David Drysdale <drysd...@google.com> writes: > Add a new O_BENEATH_ONLY flag for openat(2) which restricts the > provided path, rejecting (with -EACCES) paths that are not beneath > the provided dfd. In particular, reject: > - paths that contain .. components > - paths that begin with / > - symlinks that have paths as above.
How about bind mounts? -Andi -- a...@linux.intel.com -- Speaking for myself only -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/