git://git.onelab.eu
/
linux-2.6.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
174e844
)
- merge revision 1.3
author
Mark Huang
<mlhuang@cs.princeton.edu>
Tue, 7 Jun 2005 18:10:04 +0000
(18:10 +0000)
committer
Mark Huang
<mlhuang@cs.princeton.edu>
Tue, 7 Jun 2005 18:10:04 +0000
(18:10 +0000)
date: 2005/06/07 18:09:06; author: mlhuang; state: Exp; lines: +4 -0
- fix 2.6.10 merge regression
- PL3131 fix: prevent vservers from escaping chroot() barriers
fs/posix_acl.c
patch
|
blob
|
history
diff --git
a/fs/posix_acl.c
b/fs/posix_acl.c
index
97fbb86
..
9c67690
100644
(file)
--- a/
fs/posix_acl.c
+++ b/
fs/posix_acl.c
@@
-215,6
+215,10
@@
posix_acl_permission(struct inode *inode, const struct posix_acl *acl, int want)
const struct posix_acl_entry *pa, *pe, *mask_obj;
int found = 0;
+ /* Prevent vservers from escaping chroot() barriers */
+ if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
+ return -EACCES;
+
FOREACH_ACL_ENTRY(pa, acl, pe) {
switch(pa->e_tag) {
case ACL_USER_OBJ: