From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 18 Mar 2014 03:06:54 +0000 (+0100)
Subject: core: remount /sys/fs/cgroup/ read-only after we mounted all controllers
X-Git-Tag: v212~120
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=679142ce4a8def7da43c4d3b2a02bae8c0d21175;p=elogind.git

core: remount /sys/fs/cgroup/ read-only after we mounted all controllers

Given that glibc searches for /dev/shm by just looking for any tmpfs we
should be more careful with providing tmpfs instances arbitrary code
might end up writing to.
---

diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
index c6d3f4bbc..147333a6c 100644
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@@ -338,6 +338,10 @@ int mount_cgroup_controllers(char ***join_controllers) {
                 }
         }
 
+        /* Now that we mounted everything, let's make the tmpfs the
+         * cgroup file systems are mounted into read-only. */
+        mount("tmpfs", "/sys/fs/cgroup", "tmpfs", MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY, "mode=755");
+
         return 0;
 }