#5: multiple pam_namespace unmount problems -----------------------------+------------------------------ Reporter: andersblomdell | Owner: pam-developers@… Type: defect | Status: new Priority: major | Component: library Version: 1.1.x | Keywords: Blocked By: | Blocking: -----------------------------+------------------------------ This is essentially a short version of the bug in:
http://bugzilla.redhat.com/show_bug.cgi?id=755216
Essentially pam_namespace (1.1.5) suffers the following problems:
1. The (bind) mounts done in the new namespace is visible in the original namespace (Error "too many levels of symbolic links").
2. At pam_namespace exit, the original mounting is restored for any remaining child processes (daemons), which is a security problem.
Patch is attached