[uml-devel] Bug report

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I love UML. I'm trying to use in on a single machine in a colo to
provide multiple environments behind a firewall.

Anyway, I've just been playing with the hostfs stuff and there seems to
be a gaping security hole.

Any UML can mount the hosts rootfs even if rootfs=/xxx is specified.

UML version:
	Linux wacka.mjr.org 2.4.20-6um #1 SMP Fri Jun 6 10:15:19 EDT
	2003 i686 unknown

mount - /mnt -t hostfs
ls /mnt
wacka:~# ls /mnt
	foo  x

mount - /mnt -t hostfs -o /
ls /mnt
	1  3  5    boot   dev  floppy  i386    lib  opt   root  tmp
	usr  vmlinuz      xxx
	2  4  bin  cdrom  etc  home    initrd  mnt  proc  sbin
	uml-wacka  var  vmlinuz.old

That is not what I want to see!

I hope I've missing something.

--
Cheers
Paul