
Re: bind9-chroot (was: questions on ITP)

Peter Palfrader <weasel@debian.org> writes:

> AFAIK mount -o ro --bind /etc/ foo/etc does not mount readonly. So
> there would be write access to the root partition in the chroot.

If they are not writable by the user of the chroot process, that isn't
a problem.  If the attacker gets root, the user can break the chroot.

Alan Shutko <ats@acm.org> - In a variety of flavors!
Anyone stupid enough to be caught by the police is probably guilty.
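
One way to check whether the bind mounts under a chroot really ended up read-only, rather than trusting the options passed to mount. This is an added example, not part of the original message. The chroot path /var/lib/named and the sample mountinfo lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report mounts at or below a chroot directory whose
# per-mount options are not read-only, using the mountinfo format
# from /proc/self/mountinfo (field 5 = mount point, field 6 = options).

# writable_mounts_under CHROOT [MOUNTINFO_FILE]
# Prints "mountpoint options" for each mount under CHROOT lacking "ro".
writable_mounts_under() {
    chroot_dir=${1%/}                      # drop a trailing slash
    info=${2:-/proc/self/mountinfo}
    awk -v root="$chroot_dir" '
        {
            mp = $5; opts = $6
            # keep only mounts at or below the chroot directory
            if (mp != root && index(mp, root "/") != 1) next
            n = split(opts, o, ",")
            ro = 0
            for (i = 1; i <= n; i++) if (o[i] == "ro") ro = 1
            if (!ro) print mp, opts
        }' "$info"
}

# Constructed sample: /etc bind-mounted into a hypothetical chroot and
# still rw, a second bind mount that is ro, and an unrelated directory
# whose name merely shares the chroot path as a prefix.
sample_mountinfo() {
    cat <<'EOF'
25 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw
90 25 8:1 /etc /var/lib/named/etc rw,relatime shared:1 - ext4 /dev/sda1 rw
91 25 8:1 /usr/share/zoneinfo /var/lib/named/usr/share/zoneinfo ro,relatime shared:1 - ext4 /dev/sda1 rw
92 25 0:40 / /var/lib/named-old/dev rw,nosuid - tmpfs tmpfs rw
EOF
}
```

A bind mount listed by this check can be made read-only with a second `mount -o remount,ro,bind <target>`. The per-mount options then show `ro` even though the superblock options after the `-` separator stay `rw`.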
