Re: apt-get and The_User
Paul Hedderly <paul@mjr.org> writes:
> On Sun, Dec 03, 2000 at 01:03:54AM +0100, Remco Blaakmeer wrote:
> > In what way would chroot elevate privileges for a non-root user?
>
> If you are giving the chroot user root in the chroot... then they
> can copy a shell - suid it... and they have access to that
> new suid shell from the real filesystem. - They have open access
> to the whole box.
There's no such thing as being "root in the chroot". A process is
root or not, regardless of the current root directory. chroot changes
the interpretation of / and .., it does not affect your priveleges.
Thomas
Reply to: