On 27/08/13 22:46, Eric W. Biederman wrote:
>
> Don't allow mounting sysfs unless the caller has CAP_SYS_ADMIN rights
> over the net namespace. The principle here is if you create or have
> capabilities over it you can mount it, otherwise you get to live with
> what other people have mounted.
>
On Tue, Aug 27, 2013 at 02:46:27PM -0700, Eric W. Biederman wrote:
>
> Don't allow mounting sysfs unless the caller has CAP_SYS_ADMIN rights
> over the net namespace. The principle here is if you create or have
> capabilities over it you can mount it, otherwise you get to live with
> what other p
2 matches
Mail list logo
