oss-sec mailing list archives
Re: CVE Request: ro bind mount bypass using user namespaces
From: Vitaly Nikolenko <vnik5287 () gmail com>
Date: Thu, 14 Aug 2014 12:48:42 +0700
just wanted to mention that the test script was also submitted in this commit https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130 On Ubuntu 14.04.1, mounting with MS_REMOUNT | MS_BIND (within a user namespace) resets nosuid, nodev, noexec flags.
Current thread:
- CVE Request: ro bind mount bypass using user namespaces Kenton Varda (Aug 12)
- Re: CVE Request: ro bind mount bypass using user namespaces Andy Lutomirski (Aug 12)
- Re: CVE Request: ro bind mount bypass using user namespaces Andy Lutomirski (Aug 12)
- Re: CVE Request: ro bind mount bypass using user namespaces Andy Lutomirski (Aug 12)
- Re: CVE Request: ro bind mount bypass using user namespaces Andy Lutomirski (Aug 13)
- Re: CVE Request: ro bind mount bypass using user namespaces Andy Lutomirski (Aug 12)
- Re: CVE Request: ro bind mount bypass using user namespaces cve-assign (Aug 12)
- Re: CVE Request: ro bind mount bypass using user namespaces Kenton Varda (Aug 13)
- Re: CVE Request: ro bind mount bypass using user namespaces Yves-Alexis Perez (Aug 13)
- Re: CVE Request: ro bind mount bypass using user namespaces Sven Kieske (Aug 13)
- <Possible follow-ups>
- Re: CVE Request: ro bind mount bypass using user namespaces Vitaly Nikolenko (Aug 14)
- Re: CVE Request: ro bind mount bypass using user namespaces Andy Lutomirski (Aug 12)