summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorPavel Emelyanov <xemul@openvz.org>2008-06-05 22:46:27 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2008-06-06 11:29:11 -0700
commit7db9cfd380205f6b50afdc3bc3619f876a5eaf0d (patch)
tree270b0212f0501b2dcf927e92e7374aba79c909df /security
parentcc9cb219aac24ffc711566c8f372c2b3a3bf840f (diff)
downloadop-kernel-dev-7db9cfd380205f6b50afdc3bc3619f876a5eaf0d.zip
op-kernel-dev-7db9cfd380205f6b50afdc3bc3619f876a5eaf0d.tar.gz
devscgroup: check for device permissions at mount time
Currently even if a task sits in an all-denied cgroup it can still mount any block device in any mode it wants. Put a proper check in do_open for block device to prevent this. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Tested-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud