On Wed, Jul 08, 2015 at 08:31:40AM -0500, Eric W. Biederman wrote: > > Are: > > mnt: Refactor the logic for mounting sysfs and proc in a user namespace 1b852bceb0d111e510d1a15826ecc4a19358d512 > mnt: Modify fs_fully_visible to deal with locked ro nodev and atime 8c6cf9cc829fcd0b179b59f7fe288941d0e31108 > > coming? > > Anyone being able to remove the read-only mount status of > proc and sysfs is scary bug. I think I have seen CVE flying I was going to wait for the next round of stable kernels for these fixes, I had to draw the line somewhere. I wasn't aware there was a CVE for this, if you think they should go in now, I'll go add them. But wasn't there more than just these two? I see a number of patches in my queue around this area that you were asking to be included in stable kernels. thanks, greg k-h -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html