1
linux/include
Eric W. Biederman 5ff9d8a65c vfs: Lock in place mounts from more privileged users
When creating a less privileged mount namespace or propogating mounts
from a more privileged to a less privileged mount namespace lock the
submounts so they may not be unmounted individually in the child mount
namespace revealing what is under them.

This enforces the reasonable expectation that it is not possible to
see under a mount point.  Most of the time mounts are on empty
directories and revealing that does not matter, however I have seen an
occassionaly sloppy configuration where there were interesting things
concealed under a mount point that probably should not be revealed.

Expirable submounts are not locked because they will eventually
unmount automatically so whatever is under them already needs
to be safe for unprivileged users to access.

From a practical standpoint these restrictions do not appear to be
significant for unprivileged users of the mount namespace.  Recursive
bind mounts and pivot_root continues to work, and mounts that are
created in a mount namespace may be unmounted there.  All of which
means that the common idiom of keeping a directory of interesting
files and using pivot_root to throw everything else away continues to
work just fine.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Acked-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2013-07-24 09:14:46 -07:00
..
acpi PCI changes for the v3.11 merge window: 2013-07-03 16:31:35 -07:00
asm-generic Merge branch 'cpuinit-delete' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2013-07-07 11:01:19 -07:00
clocksource
crypto
drm drm/cma: remove GEM CMA specific dma_buf functionality 2013-07-05 15:44:54 +10:00
dt-bindings ARM: at91: dt: add header to define at_hdmac configuration 2013-07-05 11:40:53 +05:30
keys
kvm
linux vfs: Lock in place mounts from more privileged users 2013-07-24 09:14:46 -07:00
math-emu
media [media] exynos4-is: Correct colorspace handling at FIMC-LITE 2013-06-28 15:33:27 -03:00
memory
misc
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-07-13 17:42:22 -07:00
pcmcia
ras
rdma Merge branches 'af_ib', 'cxgb4', 'misc', 'mlx5', 'ocrdma', 'qib' and 'srp' into for-next 2013-07-08 11:22:11 -07:00
rxrpc
scsi
sound
target target: make queue_tm_rsp() return void 2013-07-07 18:36:53 -07:00
trace Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2013-07-11 12:57:19 -07:00
uapi Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-14 11:42:26 -07:00
video Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux 2013-07-09 16:04:31 -07:00
xen Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-07-09 18:24:39 -07:00
Kbuild