summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/control/proc.go
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2018-09-07 10:44:50 -0700
committerShentubot <shentubot@google.com>2018-09-07 10:45:55 -0700
commitf895cb4d8b4b37a563b7a5b9dc92eae552084b44 (patch)
treeb22f978207dc0eb2bb312215bda012d47143d44b /pkg/sentry/control/proc.go
parent169e2efc5a2116755beca91e65802780282ab4c1 (diff)
Use root abstract socket namespace for exec
PiperOrigin-RevId: 211999211 Change-Id: I5968dd1a8313d3e49bb6e6614e130107495de41d
Diffstat (limited to 'pkg/sentry/control/proc.go')
-rw-r--r--pkg/sentry/control/proc.go23
1 files changed, 12 insertions, 11 deletions
diff --git a/pkg/sentry/control/proc.go b/pkg/sentry/control/proc.go
index 4848a5d2b..6949a3ae5 100644
--- a/pkg/sentry/control/proc.go
+++ b/pkg/sentry/control/proc.go
@@ -95,17 +95,18 @@ func (proc *Proc) Exec(args *ExecArgs, waitStatus *uint32) error {
proc.Kernel.RootUserNamespace())
initArgs := kernel.CreateProcessArgs{
- Filename: args.Filename,
- Argv: args.Argv,
- Envv: args.Envv,
- WorkingDirectory: args.WorkingDirectory,
- Credentials: creds,
- FDMap: fdm,
- Umask: 0022,
- Limits: l,
- MaxSymlinkTraversals: linux.MaxSymlinkTraversals,
- UTSNamespace: proc.Kernel.RootUTSNamespace(),
- IPCNamespace: proc.Kernel.RootIPCNamespace(),
+ Filename: args.Filename,
+ Argv: args.Argv,
+ Envv: args.Envv,
+ WorkingDirectory: args.WorkingDirectory,
+ Credentials: creds,
+ FDMap: fdm,
+ Umask: 0022,
+ Limits: l,
+ MaxSymlinkTraversals: linux.MaxSymlinkTraversals,
+ UTSNamespace: proc.Kernel.RootUTSNamespace(),
+ IPCNamespace: proc.Kernel.RootIPCNamespace(),
+ AbstractSocketNamespace: proc.Kernel.RootAbstractSocketNamespace(),
}
ctx := initArgs.NewContext(proc.Kernel)
mounter := fs.FileOwnerFromContext(ctx)