Posted by halfdog on Jan 11

Hello List,

Preamble:

As the issue described herein was fixed 20161206 in Linux Kernel
already and publicly disclosed as security vulnerability 20151224,
here is a short writeup and POC exploit to understand the issue and
perform testing.

Description:

Linux user namespace allows to mount file systems as normal user,
including the overlayfs. As many of those features were not designed
with namespaces in mind, this increase the attack surface…