diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-05-09 16:07:14 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-05-09 16:07:14 -0700 |
commit | 51dfcb076d1e1ce7006aa272cb7c4514740c7e47 (patch) | |
tree | 877684653bbad3e9d9ddaeba8cefadb6cdaed7e1 /block | |
parent | 9d88f22a819db8a9ff78496edf5553e90d88179c (diff) | |
parent | 7e96c1b0e0f495c5a7450dc4aa7c9a24ba4305bd (diff) | |
download | op-kernel-dev-51dfcb076d1e1ce7006aa272cb7c4514740c7e47.zip op-kernel-dev-51dfcb076d1e1ce7006aa272cb7c4514740c7e47.tar.gz |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull user-namespace fix from Eric Biederman:
"Eric Windish recently reported a really bug that allows mounting fresh
copies of proc and sysfs when it really should not be allowed. The
code attempted to verify that proc and sysfs were fully visible but
there is a test missing to ensure that the root of the filesystem is
visible. Doh!
The following patch fixes that.
This fixes a containment issue that the docker folks are seeing"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
mnt: Fix fs_fully_visible to verify the root directory is visible
Diffstat (limited to 'block')
0 files changed, 0 insertions, 0 deletions