Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 14 Aug 2014 12:48:42 +0700
From: Vitaly Nikolenko <vnik5287@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: ro bind mount bypass using user namespaces

just wanted to mention that the test script was also submitted in this
commit
https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130

On Ubuntu 14.04.1, mounting with MS_REMOUNT | MS_BIND (within a user
namespace) resets nosuid, nodev, noexec flags.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ