]> git.ipfire.org Git - thirdparty/systemd.git/commit
mountfsd: do not cross mount boundaries when looking for parent of foreign UID range...
authorLennart Poettering <lennart@amutable.com>
Thu, 5 Feb 2026 15:51:56 +0000 (16:51 +0100)
committerLennart Poettering <lennart@amutable.com>
Mon, 9 Feb 2026 09:33:01 +0000 (10:33 +0100)
commit2557f78c074eb47a27f41e99dc9fb8198d4aaadb
tree10edbce99b57460b7ff98f9211392f328a31cecf
parentf5a7247afbaae2b15659c15dec0ff8f395f08a33
mountfsd: do not cross mount boundaries when looking for parent of foreign UID range owned dirs

This is primarily paranoia: it might be possible for unpriv users to set
up mount hierarchies in unexpected ways when using userns. Hence let's
make protections more rigid: when looking for a parent dir of a foreign
UID owned dir tree, refuse to cross mount boundaries.
src/mountfsd/mountwork.c