Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> Serge Hallyn <serge.hallyn@xxxxxxxxxx> writes:
>
> > Quoting Eric W. Biederman (ebiederm@xxxxxxxxxxxx):
> >>
> >> Kenton Varda <kenton@xxxxxxxxxxxx> discovered that by remounting a
> >> read-only bind mount read-only in a user namespace the
> >> MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user
> >> to remount a read-only mount read-write.
> >>
> >> Upon review of the code in remount it was discovered that the code allowed
> >> nosuid, noexec, and nodev to be cleared. It was also discovered that
> >> the code was allowing the per mount atime flags to be changed.
> >>
> >> The first naive patch to fix these issues contained the flaw that using
> >> default atime settings when remounting a filesystem could be disallowed.
> >>
> >> To avoid these problems in the future add tests to ensure unprivileged
> >> remounts are succeeding and failing at the appropriate times.
> >>
> >> Cc: stable@xxxxxxxxxxxxxxx
> >
> > one nit below
> >
> > Acked-by: Serge E. Hallyn <serge.hallyn@xxxxxxxxxx>
> >
> >> +#ifndef CLONE_NEWSNS
> >
> > Could cause build error in some places... misspelled NEW S NS above.
> >
> >> +# define CLONE_NEWNS 0x00020000
> >> +#endif
>
> You are right that is an embarrassing typo. I wonder how that ever
> happened. I will take care of that.

Bah, trivially easy to type, hard to spot, and won't break build in
most cases.

-serge
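
Review bot: The guard in the quoted hunk tests CLONE_NEWSNS but the line under it defines CLONE_NEWNS, so the #ifndef never sees an existing CLONE_NEWNS and the define is emitted even when the system headers already provide one. C accepts a macro redefinition only when the replacement is identical, so the build succeeds where the header's definition matches 0x00020000 and warns or fails where it does not. Change the guard to `#ifndef CLONE_NEWNS` so it tests the macro it defines.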