git://git.onelab.eu
/
linux-2.6.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2e8358d
)
- fix 2.6.10 merge regression
author
Mark Huang
<mlhuang@cs.princeton.edu>
Tue, 7 Jun 2005 18:09:06 +0000
(18:09 +0000)
committer
Mark Huang
<mlhuang@cs.princeton.edu>
Tue, 7 Jun 2005 18:09:06 +0000
(18:09 +0000)
- PL3131 fix: prevent vservers from escaping chroot() barriers
fs/posix_acl.c
patch
|
blob
|
history
diff --git
a/fs/posix_acl.c
b/fs/posix_acl.c
index
97fbb86
..
9c67690
100644
(file)
--- a/
fs/posix_acl.c
+++ b/
fs/posix_acl.c
@@
-215,6
+215,10
@@
posix_acl_permission(struct inode *inode, const struct posix_acl *acl, int want)
const struct posix_acl_entry *pa, *pe, *mask_obj;
int found = 0;
+ /* Prevent vservers from escaping chroot() barriers */
+ if (IS_BARRIER(inode) && !vx_check(0, VX_ADMIN))
+ return -EACCES;
+
FOREACH_ACL_ENTRY(pa, acl, pe) {
switch(pa->e_tag) {
case ACL_USER_OBJ: