aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/ipc
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2016-06-10 13:03:05 -0500
committerEric W. Biederman <ebiederm@xmission.com>2016-06-23 15:41:56 -0500
commit29a517c232d21a717aecea29838aeb07131f6196 (patch)
tree6e49472e6f3efaf11831a4deb82d4e7656702553 /ipc
parentmnt: Move the FS_USERNS_MOUNT check into sget_userns (diff)
downloadwireguard-linux-29a517c232d21a717aecea29838aeb07131f6196.tar.xz
wireguard-linux-29a517c232d21a717aecea29838aeb07131f6196.zip
kernfs: The cgroup filesystem also benefits from SB_I_NOEXEC
The cgroup filesystem is in the same boat as sysfs. No one ever permits executables of any kind on the cgroup filesystem, and there is no reasonable future case to support executables in the future. Therefore move the setting of SB_I_NOEXEC which makes the code proof against future mistakes of accidentally creating executables from sysfs to kernfs itself. Making the code simpler and covering the sysfs, cgroup, and cgroup2 filesystems. Acked-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'ipc')
0 files changed, 0 insertions, 0 deletions