Bug 1226108 - duplicate: Unprivledged circumvention of MNT_LOCKED mount points exposes underlying filesystem.
Summary: duplicate: Unprivledged circumvention of MNT_LOCKED mount points exposes unde...
Status: CLOSED DUPLICATE of bug 1226751
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On:
Blocks: 1213949
TreeView+ depends on / blocked
Reported: 2015-05-29 02:58 UTC by Wade Mealing
Modified: 2019-09-29 13:33 UTC (History)
39 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-08-26 01:11:06 UTC

Attachments (Terms of Use)

Description Wade Mealing 2015-05-29 02:58:12 UTC
It was reported[1] to the Linux Containers list that it would be possible to use user namespaces to circumvent MNT_LOCKED and allow unprivileged users to access the directory structure underneath of mounts. A PoC was also produced and is public.


[1] https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs
[2] http://www.spinics.net/lists/linux-containers/msg30786.html

Comment 1 Wade Mealing 2015-08-26 01:11:06 UTC
Didn't think this got made.. tooling bug.

*** This bug has been marked as a duplicate of bug 1226751 ***

Note You need to log in before you can comment on or make changes to this bug.