Re: Does MNT_LOCKED work as expected?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Andrey Wagin <avagin@xxxxxxxxx> writes:

> Hi All,
>
> I think I found a case, when MNT_LOCKED (5ff9d8a65ce8 "vfs: Lock in
> place mounts from more privileged users") doesn't help to hide
> overmounted parts from unprivileged users.

> The problem exists for mounts, which are not overmounted entirely. In
> such cases we can open a directory from a target mount, which is not
> overmounted. Then we do pivot_root to move all mounts in a temporary
> directory. At the final step we deatch all mounts from the temporary
> directory. After that all children mounts are umounted from the target
> mount and we can use our file descriptor to open files, which have
> been overmount before.
>
> Here is a example https://github.com/avagin/userns_vs_mntns.

I am looking at this now to make certain I am understand what you are
seeing but so far it looks like lazy unmounts allow you to bypass
MNT_LOCKED :(

Grumble.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux