From e14aa99a4b8bdb1ed7a85d5bbd502cc748304dab Mon Sep 17 00:00:00 2001
From: Albert S <mail@quitesimple.org>
Date: Sun, 11 Aug 2019 21:03:50 +0200
Subject: [PATCH] sandbox: paths must be bind mounted in order of their length

---
 sandbox/sandbox-linux.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sandbox/sandbox-linux.cpp b/sandbox/sandbox-linux.cpp
index 585d686..ad31d49 100644
--- a/sandbox/sandbox-linux.cpp
+++ b/sandbox/sandbox-linux.cpp
@@ -91,6 +91,8 @@ bool SandboxLinux::bindMountPaths(std::string target_root, std::initializer_list
 
 bool SandboxLinux::isolateNamespaces(std::vector<std::string> fsPaths)
 {
+	std::sort(fsPaths.begin(), fsPaths.end(),
+			  [](const std::string &a, const std::string &b) { return a.length() < b.length(); });
 
 	auto current_uid = getuid();
 	auto current_gid = getgid();