Peter Palfrader <weasel@debian.org> writes:

> AFAIK mount -o ro --bind /etc/ foo/etc does not mount readonly. So
> there would be write access to the root partition in the chroot.

If they are not writable by the user of the chroot process, that isn't
a problem. If the attacker gets root, the user can break the chroot.

--
Alan Shutko <ats@acm.org> - In a variety of flavors!
Anyone stupid enough to be caught by the police is probably guilty.
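
Whether a bind mount inside a chroot really ended up read-only can be checked instead of assumed. The following is an added example, not part of the original thread: it reads mount records in the `/proc/self/mountinfo` format and lists every mount under a chroot whose per-mount options lack `ro`. The function names, the `/srv/jail` path and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the bind mounts under a chroot for write access.
# In /proc/self/mountinfo, field 5 is the mount point and field 6 holds the
# per-mount options. A bind mount can show "rw" there regardless of what was
# requested on the command line, so field 6 is the value to check.

# writable_mounts CHROOT [MOUNTINFO_FILE]
# Prints "mountpoint options" for each mount at or below CHROOT without "ro".
# MOUNTINFO_FILE defaults to /proc/self/mountinfo; "-" reads standard input.
writable_mounts() {
    chroot_dir=${1%/}
    info=${2:-/proc/self/mountinfo}
    awk -v root="$chroot_dir" '
        {
            mp = $5
            # Match the chroot itself or paths below it, not siblings that
            # merely share the prefix (e.g. /srv/jail2).
            if (mp != root && index(mp, root "/") != 1) next
            n = split($6, opts, ",")
            ro = 0
            for (i = 1; i <= n; i++) if (opts[i] == "ro") ro = 1
            if (!ro) print mp, $6
        }' "$info"
}

# Constructed sample records (hypothetical chroot at /srv/jail).
sample_mountinfo() {
    cat <<'EOF'
25 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
40 25 8:1 /etc /srv/jail/etc rw,relatime - ext4 /dev/sda1 rw
41 25 8:1 /usr /srv/jail/usr ro,relatime - ext4 /dev/sda1 rw
42 25 8:1 /etc /srv/jail2/etc rw,relatime - ext4 /dev/sda1 rw
EOF
}

# Demonstration on the constructed sample: only /srv/jail/etc is reported.
sample_mountinfo | writable_mounts /srv/jail -
```

On a live system, `writable_mounts /path/to/chroot` reads the real mount table. On kernels that support it, `mount -o remount,ro,bind <target>` sets the per-mount read-only flag, after which that mount drops out of the list.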