On 30.10.2018 11:55, Kirill Tkhai wrote: > Currently we have several BUG_ON() ported from userspace, > and they may fire in case of it's used malicious daemon > instead of original vstorage-mount. So, just prohibit > mounting with kio from inside container. > > https://pmc.acronis.com/browse/VSTOR-16325 > > Signed-off-by: Kirill Tkhai <ktk...@virtuozzo.com>
Reviewed-by: Pavel Butsykin <pbutsy...@virtuozzo.com> > --- > fs/fuse/inode.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c > index 0695b79c4c50..34e52262d37e 100644 > --- a/fs/fuse/inode.c > +++ b/fs/fuse/inode.c > @@ -709,6 +709,8 @@ static int parse_fuse_opt(char *opt, struct > fuse_mount_data *d, int is_bdev) > break; > case OPT_KIO_NAME: { > char *name; > + if (!ve_is_super(get_exec_env())) > + return 0; > name = match_strdup(&args[0]); > if (!name) > return 0; > _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel