[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: chroot

Christian Jaeger <christian.jaeger@sl.ethz.ch> writes:

> I think another one is creating a [k]mem device (haven't tried
> it). Afaik, LIDS people had to introduce/implement a new capability to
> block direct memory access, which implies that on a normal kernel you
> can't prevent root from escaping chroot.

And there's the way out mentioned in the chroot(2) manpage.

Alan Shutko <ats@acm.org> - In a variety of flavors!
I have not yet begun to byte!

Reply to: