diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2016-05-20 22:42:21 +0200 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2016-06-23 22:41:56 +0200 |
commit | 3ee690143c3c99f6c0e83f08ff17556890bc6027 (patch) | |
tree | 6d2d85666a62c90af50e1c7a765fc3315464fce3 | |
parent | kernfs: The cgroup filesystem also benefits from SB_I_NOEXEC (diff) | |
download | linux-3ee690143c3c99f6c0e83f08ff17556890bc6027.tar.xz linux-3ee690143c3c99f6c0e83f08ff17556890bc6027.zip |
ipc/mqueue: The mqueue filesystem should never contain executables
Set SB_I_NOEXEC on mqueuefs to ensure small implementation mistakes
do not result in executable on mqueuefs by accident.
Acked-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
-rw-r--r-- | ipc/mqueue.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ipc/mqueue.c b/ipc/mqueue.c index 60d97082f4dc..5bdd50de7d05 100644 --- a/ipc/mqueue.c +++ b/ipc/mqueue.c @@ -307,6 +307,7 @@ static int mqueue_fill_super(struct super_block *sb, void *data, int silent) struct inode *inode; struct ipc_namespace *ns = sb->s_fs_info; + sb->s_iflags |= SB_I_NOEXEC; sb->s_blocksize = PAGE_SIZE; sb->s_blocksize_bits = PAGE_SHIFT; sb->s_magic = MQUEUE_MAGIC; |