test · 0d8aec0c3ad9df6c9365718c97510e41b9f9e5dd · zhul / criu

proc: mount proc with minimal permissions · 2a0c8db7

Andrey Vagin authored Jun 18, 2015

Eric wants to restrict permissions for proc mounts in a non-root userns
according with proc mounts in the root userns.

Author: Eric W. Biederman <ebiederm@xmission.com>
Date:   Fri May 8 23:49:47 2015 -0500

    mnt: Modify fs_fully_visible to deal with locked ro nodev and atime

    Ignore an existing mount if the locked readonly, nodev or atime
    attributes are less permissive than the desired attributes
    of the new mount.
...
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

2a0c8db7

Name	Last commit	Last update
..
app-emu		Loading commit data...
bers		Loading commit data...
crit		Loading commit data...
ext-links		Loading commit data...
fault-injection		Loading commit data...
jenkins		Loading commit data...
libcriu		Loading commit data...
mem-snap		Loading commit data...
mounts		Loading commit data...
pipes		Loading commit data...
rpc		Loading commit data...
security		Loading commit data...
tcp		Loading commit data...
unix-callback		Loading commit data...
zdtm		Loading commit data...
.gitignore		Loading commit data...
Makefile		Loading commit data...
Makefile.zdtm		Loading commit data...
app-emu.sh		Loading commit data...
env.sh		Loading commit data...
functions.sh		Loading commit data...
maps.py		Loading commit data...
post-dump.sh		Loading commit data...
zdtm.sh		Loading commit data...
zdtm_ct.c		Loading commit data...
zdtm_mount_cgroups		Loading commit data...