From 679142ce4a8def7da43c4d3b2a02bae8c0d21175 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 18 Mar 2014 04:06:54 +0100
Subject: core: remount /sys/fs/cgroup/ read-only after we mounted all
 controllers

Given that glibc searches for /dev/shm by just looking for any tmpfs we
should be more careful with providing tmpfs instances arbitrary code
might end up writing to.
---
 src/core/mount-setup.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
index c6d3f4bbcc..147333a6c6 100644
--- a/src/core/mount-setup.c
+++ b/src/core/mount-setup.c
@@ -338,6 +338,10 @@ int mount_cgroup_controllers(char ***join_controllers) {
                 }
         }
 
+        /* Now that we mounted everything, let's make the tmpfs the
+         * cgroup file systems are mounted into read-only. */
+        mount("tmpfs", "/sys/fs/cgroup", "tmpfs", MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY, "mode=755");
+
         return 0;
 }
 
-- 
cgit v1.2.3-54-g00ecf