]> git.ipfire.org Git - thirdparty/libvirt.git/commit
projects / thirdparty / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ad5fd9b) | patch
lxc: set nosuid+nodev+noexec flags on /proc/sys mount
authorEric W. Biederman <ebiederm@xmission.com>
Tue, 16 Jun 2015 13:44:36 +0000 (14:44 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Tue, 16 Jun 2015 13:44:36 +0000 (14:44 +0100)
commit24710414d403f1040794299f5304fee160d0fc23
tree37a068bb176986b2fd623532f68a2bc8d5d77568tree
parentad5fd9b87b772418d1b7efcca275166efb1cf856commit | diff
lxc: set nosuid+nodev+noexec flags on /proc/sys mount

Future kernels will mandate the use of nosuid+nodev+noexec
flags when mounting the /proc/sys filesystem. Unconditionally
add them now since they don't harm things regardless and could
mitigate future security attacks.
src/lxc/lxc_container.c diff | blob | blame | history
Mirror of https://github.com/libvirt/libvirt.git