On Tue, 17 Nov 2015, Seth Forshee wrote:
> From: Andy Lutomirski
>
> If a process gets access to a mount from a different user
> namespace, that process should not be able to take advantage of
> setuid files or selinux entrypoints from that filesystem. Prevent
> this by treating mounts from oth
From: Andy Lutomirski
If a process gets access to a mount from a different user
namespace, that process should not be able to take advantage of
setuid files or selinux entrypoints from that filesystem. Prevent
this by treating mounts from other mount namespaces and those not
owned by current_use
2 matches
Mail list logo
