projects / platform / upstream / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e3c4a68) | patch
journald: never accept fds from file systems with mandatory locking enabled
authorLennart Poettering <lennart@poettering.net>
Tue, 10 Nov 2015 19:08:04 +0000 (20:08 +0100)
committerLennart Poettering <lennart@poettering.net>
Tue, 10 Nov 2015 20:03:49 +0000 (21:03 +0100)
commit1e603a482f57edb1fb863dbf23b868cf5854e004
tree2362e3e6f5a9f83e6bff3a7b5d2d21cd65da9179tree | snapshot
parente3c4a681db0b7004904b95d55fd1a443161c9397commit | diff
journald: never accept fds from file systems with mandatory locking enabled

This is pretty much a work-around for a security vulnerability in
kernels that allow unprivileged user namespaces.

Fixes #1822.
src/journal/journald-native.c diff | blob | history
Domain: System / System Framework;