diff -NurpP linux-3.10.17-vs2.3.6.6/fs/namespace.c linux-3.10.17-vs2.3.6.6.1/fs/namespace.c
--- linux-3.10.17-vs2.3.6.6/fs/namespace.c	2013-10-09 17:37:22.000000000 +0000
+++ linux-3.10.17-vs2.3.6.6.1/fs/namespace.c	2013-10-27 03:42:21.000000000 +0000
@@ -1301,7 +1301,8 @@ static int do_umount(struct mount *mnt,
  */
 static inline bool may_mount(void)
 {
-	return ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN);
+	return vx_ns_capable(current->nsproxy->mnt_ns->user_ns,
+		CAP_SYS_ADMIN, VXC_SECURE_MOUNT);
 }
 
 /*
diff -NurpP linux-3.10.17-vs2.3.6.6/include/uapi/vserver/context.h linux-3.10.17-vs2.3.6.6.1/include/uapi/vserver/context.h
--- linux-3.10.17-vs2.3.6.6/include/uapi/vserver/context.h	2013-08-22 20:30:00.000000000 +0000
+++ linux-3.10.17-vs2.3.6.6.1/include/uapi/vserver/context.h	2013-10-27 03:43:35.000000000 +0000
@@ -66,8 +66,8 @@
 #define VXC_OOM_ADJUST		0x00002000
 #define VXC_AUDIT_CONTROL	0x00004000
 
-/* #define VXC_SECURE_MOUNT	0x00010000
-#define VXC_SECURE_REMOUNT	0x00020000 */
+#define VXC_SECURE_MOUNT	0x00010000
+/* #define VXC_SECURE_REMOUNT	0x00020000 */
 #define VXC_BINARY_MOUNT	0x00040000
 #define VXC_DEV_MOUNT		0x00080000