From: Andrew Vagin <ava...@openvz.org>
ns_last_pid belongs to pidns, so it's safe.
Signed-off-by: Andrew Vagin <ava...@openvz.org>
(cherry picked from commit 7a98fd7389e05adeed6b1dba2766066b06db8992)
Signed-off-by: Konstantin Khorenko <khore...@virtuozzo.com>
(cherry picked from vz8 commit 290b207fd39e94781e99dd3f8d2fbe35e64be81f)
Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
---
kernel/pid_namespace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index 51897deed16e..93d3ef4ee88f 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -292,7 +292,7 @@ static struct ctl_table pid_ns_ctl_table[] = {
{
.procname = "ns_last_pid",
.maxlen = sizeof(int),
- .mode = 0666, /* permissions are checked in the handler */
+ .mode = 0666 | S_ISVTX, /* permissions are checked in the
handler */
.proc_handler = pid_ns_ctl_handler,
.extra1 = SYSCTL_ZERO,
.extra2 = &pid_max,
--
2.31.1
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
