[REVIEW][PATCH 5/5] mnt: Add tests for unprivileged remount cases that have found to be faulty
Eric W. Biederman
ebiederm at xmission.com
Thu Jul 31 22:52:29 UTC 2014
Serge Hallyn <serge.hallyn at ubuntu.com> writes:
> Quoting Eric W. Biederman (ebiederm at xmission.com):
>>
>> Kenton Varda <kenton at sandstorm.io> discovered that by remounting a
>> read-only bind mount read-only in a user namespace the
>> MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user
>> to the remount a read-only mount read-write.
>>
>> Upon review of the code in remount it was discovered that the code allowed
>> nosuid, noexec, and nodev to be cleared. It was also discovered that
>> the code was allowing the per mount atime flags to be changed.
>>
>> The first naive patch to fix these issues contained the flaw that using
>> default atime settings when remounting a filesystem could be disallowed.
>>
>> To avoid this problems in the future add tests to ensure unprivileged
>> remounts are succeeding and failing at the appropriate times.
>>
>> Cc: stable at vger.kernel.org
>
> one nit below
>
> Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
>> +#ifndef CLONE_NEWSNS
>
> Could cause build error in some places... missspelled NEW S NS above.
>
>> +# define CLONE_NEWNS 0x00020000
>> +#endif
You are right that is an embarrassing typo. I wonder how that ever
happened. I will take care of that.
Eric
More information about the Containers
mailing list