git.baikalelectronics.ru Git - kernel.git/commit

author	Eric W. Biederman <ebiederm@xmission.com>
	Tue, 31 Jul 2012 20:13:04 +0000 (13:13 -0700)
committer	Eric W. Biederman <ebiederm@xmission.com>
	Mon, 19 Nov 2012 13:59:20 +0000 (05:59 -0800)
commit	4346487cbb9abdbe8d259ec13c0780b0686c743b
tree	d08fef7f89da670c24116805dbe1bcf60e094497	tree \| snapshot
parent	1b6452ce8f31e8b9220f6a9decbb326d0aaf11d1	commit \| diff

vfs: Only support slave subtrees across different user namespaces

Sharing mount subtress with mount namespaces created by unprivileged
users allows unprivileged mounts created by unprivileged users to
propagate to mount namespaces controlled by privileged users.

Prevent nasty consequences by changing shared subtrees to slave
subtress when an unprivileged users creates a new mount namespace.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>

fs/namespace.c		diff \| blob \| history
fs/pnode.h		diff \| blob \| history