sandbox: paths must be bind mounted in order of their length

2019-08-11 21:03:50 +02:00 · 2019-08-11 21:03:50 +02:00 · e14aa99a4b
--- a/sandbox/sandbox-linux.cpp
+++ b/sandbox/sandbox-linux.cpp
@ -91,6 +91,8 @@ bool SandboxLinux::bindMountPaths(std::string target_root, std::initializer_list

 bool SandboxLinux::isolateNamespaces(std::vector<std::string> fsPaths)
 {
+	std::sort(fsPaths.begin(), fsPaths.end(),
+			  [](const std::string &a, const std::string &b) { return a.length() < b.length(); });

 	auto current_uid = getuid();
 	auto current_gid = getgid();