| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Jul 2021 12:46:03 +0200
From: Alexey Gladkov <legion@...nel.org>
To: LKML <linux-kernel@...r.kernel.org>,
"Eric W . Biederman" <ebiederm@...ssion.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Kees Cook <keescook@...omium.org>,
Linux Containers <containers@...ts.linux-foundation.org>,
Linux FS Devel <linux-fsdevel@...r.kernel.org>
Subject: [RESEND PATCH v6 5/5] docs: proc: add documentation about relaxing visibility restrictions
Signed-off-by: Alexey Gladkov <legion@...nel.org>
---
Documentation/filesystems/proc.rst | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Documentation/filesystems/proc.rst b/Documentation/filesystems/proc.rst
index 5a1bb0e081fd..9d993aef7f1c 100644
--- a/Documentation/filesystems/proc.rst
+++ b/Documentation/filesystems/proc.rst
@@ -2182,7 +2182,8 @@ are not related to tasks.
If user namespaces are in use, the kernel additionally checks the instances of
procfs available to the mounter and will not allow procfs to be mounted if:
- 1. This mount is not fully visible.
+ 1. This mount is not fully visible unless the new procfs is going to be
+ mounted with subset=pid option.
a. It's root directory is not the root directory of the filesystem.
b. If any file or non-empty procfs directory is hidden by another mount.
--
2.29.3
Powered by blists - more mailing lists