commit | ac08a687b8c4c17e11e5b614c5d538e5ad9a0452 | [log] [tgz] |
---|---|---|
author | Mike Frysinger <vapier@google.com> | Tue Oct 10 02:04:50 2017 -0400 |
committer | Treehugger Robot <treehugger-gerrit@google.com> | Thu Oct 19 20:44:59 2017 +0000 |
tree | 7479831cbd5c89caee6aeeed8bb2238c21a90e24 | |
parent | 0d1cbf6e88886378cd859a363747420b8fec8b4c [diff] |
allow bind mounts outside of chroots If we're in a unique namespace, there's no reason to not allow bind mounts. These can be useful like when setting up a unique /dev, or to make specific paths read-only for a daemon. Bug: chromium:680859 Test: `sudo ./minijail0 -rvpd -b /dev/log,/dev/log /bin/logger asdf` works Change-Id: I9dcb7f072dfdaee8b405e5d05e5d94ee999767e8