On 22/11/2023 7:46 pm, Andrew Cooper wrote:
> On 06/11/2023 3:05 pm, Alejandro Vallejo wrote:
>> This is important in order for every mount done inside a mount namespace to
>> go away after the namespace itself goes away. The comment referring to
>> unreliability in Linux 4.19 was just wrong.
>>
>> This patch sets the story straight and makes the depriv pygrub a bit more
>> confined should a layer of the onion be vulnerable.
>>
>> Signed-off-by: Alejandro Vallejo <[email protected]>
> Acked-by: Andrew Cooper <[email protected]>
Sorry, wants
Fixes: e0342ae5556f ("tools/pygrub: Deprivilege pygrub")
too. Will fix on commit.
~Andrew
