[PATCH 0/2][T/X/B/C/D] Bypass of mount visibility through userns + mount propagation (LP: #1789161)
Tyler Hicks
tyhicks at canonical.com
Tue Nov 13 07:44:36 UTC 2018
BugLink: https://launchpad.net/bugs/1789161
Jonathan Calmels from NVIDIA reported that he's able to bypass the mount
visibility security check in place in the Linux kernel by using a combination
of the unbindable property along with the private mount propagation option to
allow an unprivileged user to see a path which was purposefully hidden by the
root user.
These patches cleanly cherry-pick back to Trusty.
Tyler