Just to avoid the possible confusion, let me repeat that the fix itsef looks "obviously fine" to me, "i_nlink != 2" looks obviously wrong. I am not arguing with this patch, I am just trying to understand this logic. On 11/27, Eric W. Biederman wrote: > > [... snip ...] Thanks a lot. > For the real concern about jail environments where proc and sysfs are > not mounted at all a fs_visible check is all that is really required, this is what I can't understand... Lets ignore the implementation details. Suppose that proc was never mounted. Then "mount -t proc" should fail after CLONE_NEWUSER | NEWNS? Oleg. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
