[PATCH review 4/4] vfs: Do not allow escaping from bind mounts.

Al Viro viro at ZenIV.linux.org.uk
Thu Apr 9 23:22:13 UTC 2015


On Wed, Apr 08, 2015 at 06:34:12PM -0500, Eric W. Biederman wrote:
> +	if (ancestor) {
> +		mark_violated_mounts(dentry, ancestor);
> +		mark_violated_mounts(target, ancestor);
> +	}

Umm...  Both sides the same way, regardless of whether it's exchange or
move?  Looks wrong...

Look:

mkdir /tmp/a
mkdir /tmp/b
mkdir /tmp/c
mkdir /tmp/b/c
touch /tmp/a/x
mount --bind /tmp/b /tmp/c
mv /tmp/a/x /tmp/b/c/x

should that make the vfsmount on /tmp/c violated?  And if so, why?


More information about the Containers mailing list