1. 11
  1. 2

    It looks like this is in code responsible for mounting filesystems. The sheer size of the attack surface introduced by user namespaces is mind boggling, and I can’t say I’m surprised we’re still seeing LPEs in functionality that used to be root-only.

    Incidentally, sandstorm is unaffected; we don’t let apps use user namespaces for exactly this reason.