On 8/15/2012 10:07 AM, Andy Whitcroft wrote:
> On Wed, Aug 15, 2012 at 09:59:51AM -0700, Casey Schaufler wrote:
>> On 8/15/2012 8:48 AM, Miklos Szeredi wrote:
>>> From: Andy Whitcroft
>>>
>>> When checking permissions on an overlayfs inode we do not take into
>>> account either device cgroup restr
On Wed, Aug 15, 2012 at 09:59:51AM -0700, Casey Schaufler wrote:
> On 8/15/2012 8:48 AM, Miklos Szeredi wrote:
> > From: Andy Whitcroft
> >
> > When checking permissions on an overlayfs inode we do not take into
> > account either device cgroup restrictions nor security permissions.
> > This allow
On 8/15/2012 8:48 AM, Miklos Szeredi wrote:
> From: Andy Whitcroft
>
> When checking permissions on an overlayfs inode we do not take into
> account either device cgroup restrictions nor security permissions.
> This allows a user to mount an overlayfs layer over a restricted device
> directory and
3 matches
Mail list logo
