Post Syndicated from original https://lwn.net/Articles/934460/

There are some “magic links” in kernel pseudo-filesystems, like procfs,
that can be—have been—(ab)used to cause security problems, such as a
container-confinement breach in 2019.
Aleksa Sarai has long been working on ways to blunt the impact of these
magic links. He led a filesystem session at the
2023 Linux Storage, Filesystem,
Memory-Management and BPF Summit to discuss the status of those efforts.