]> git.ipfire.org Git - thirdparty/libvirt.git/commit
projects / thirdparty / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 62d46ea) | patch
lxc: set nosuid+nodev+noexec flags on /proc/sys mount
authorEric W. Biederman <ebiederm@xmission.com>
Tue, 16 Jun 2015 13:44:36 +0000 (14:44 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Tue, 16 Jun 2015 16:21:49 +0000 (17:21 +0100)
commitbda5f2bddaa9cd5765baf77c9d21dc8131ad30a6
tree10d67f4b1991ad6d9a526073cf043a9b2aae96b4tree
parent62d46ead28bd5216fd7d60af691a937add7d432ccommit | diff
lxc: set nosuid+nodev+noexec flags on /proc/sys mount

Future kernels will mandate the use of nosuid+nodev+noexec
flags when mounting the /proc/sys filesystem. Unconditionally
add them now since they don't harm things regardless and could
mitigate future security attacks.

(cherry picked from commit 24710414d403f1040794299f5304fee160d0fc23)

Conflicts:
    src/lxc/lxc_container.c
src/lxc/lxc_container.c diff | blob | blame | history
Mirror of https://github.com/libvirt/libvirt.git