new version of the AT_BENEATH patch, with more toggles: https://lore.kernel.org/lkml/20180929103453.12025-1-cyphar@cyphar.com/T/ … when giving a path to the kernel, you can separately choose whether you want to allow: - "/" and ".." for traversing up (including in symlinks) - crossing mountpoints - procfs symlinks - symlinks
-
Show this thread
oh, I should have read the patch more carefully before tweeting about it - unlike David Drysdale's original patch, this version of AT_BENEATH permits limited ".." use
3:00 AM - 1 Oct 2018
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.