On Sat, Dec 02, 2000 at 10:37:41PM -0800, Thomas Bushnell, BSG wrote:
>
> I'm a little confused about your example; maybe I've misunderstood it,
> but I think you're incorrect.
>
> Any program which is chrooting into a jail must also make sure there
> are no open file descriptors to things that might let the user out;
> notably, if the system has an fchdir syscall.

Yes, but the chroot() syscall does none of these checks, correct? I am simply stating why the chroot() call is privileged and only root may use it.

A completely separate issue is whether it's possible to make a setuid root program to allow users to chroot safely. I am only arguing that changing the kernel to allow any user to use chroot() would end up making chroot() useless for security purposes.

--
Ethan Benson
http://www.alaska.net/~erbenson/
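Since chroot() performs none of the checks discussed in this message, a privileged program entering a jail has to do them itself. The following C sketch is an added example, not code from the thread or from any project; `close_directory_fds`, `enter_jail`, the 65536 scan bound and the uid/gid 65534 are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Close every open descriptor in [lowfd, highfd) that refers to a directory,
 * so none is left for fchdir() after the chroot. Returns the number closed. */
int close_directory_fds(int lowfd, int highfd)
{
    int closed = 0;
    for (int fd = lowfd; fd < highfd; fd++) {
        struct stat st;
        if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode)) {
            close(fd);
            closed++;
        }
    }
    return closed;
}

/* Hypothetical helper: confine the process to jail_dir, then give up root.
 * Must be called as root. Returns 0 on success, -1 at the first failed step. */
int enter_jail(const char *jail_dir, uid_t uid, gid_t gid)
{
    long max = sysconf(_SC_OPEN_MAX);
    if (max < 0 || max > 65536)
        max = 65536;                        /* assumed scan bound for this example */
    close_directory_fds(0, (int)max);       /* the check chroot() does not make */
    if (chdir(jail_dir) != 0) return -1;    /* working directory must be inside */
    if (chroot(".") != 0) return -1;
    if (chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0) return -1; /* drop supplementary groups first */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;        /* jailed process must not keep root */
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <jail-dir>\n", argv[0]); return 2; }
    /* 65534 is an assumed unprivileged uid/gid */
    if (enter_jail(argv[1], 65534, 65534) != 0) { perror("enter_jail"); return 1; }
    execl("/bin/sh", "sh", (char *)NULL);   /* path is resolved inside the jail */
    perror("execl");
    return 1;
}
```

Every return value is checked because a failed chdir(), chroot() or setuid() that goes unnoticed leaves the process running with more access than intended.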