Description| -----------+ While auditing and experimenting with VServer procfs and vproc security we discovered a problem sharing permissions on the procfs mounted directories: Within any context users are still able to change permissions on /proc, both access permission and ownership. That is just fine as many people would like to restrict access to /proc to the root user or a group of trusted users. But as changes to a procfs mountpoint do not apply to the mountpoint itself but to procfs in general, these changes affect all contexts (VServers) and even the host system. All tests were done against the stable branch (1.2x) but regarding to Herbert Poetzl, the problem exists on both devel branches (1.3.x, 1.9.x), too. Version 1.28 (stable branch) resolves this problem.
I'm waiting for the upstream VServer depelopers to release a fixed version of the 1.3 branch, I'll add it in when they do...
Removed the development branch and added in 1.28; closing this bug as FIXED. I'll address this issue in the next batch of kernel announcements...