Re: [PATCH] User chroot
H. Peter Anvin (hpa@zytor.com)
26 Jun 2001 16:46:02 -0700
Followup to: <20010627014534.B2654@ondska>
By author: Jorgen Cederlof <jc@lysator.liu.se>
In newsgroup: linux.dev.kernel
>
> Have you ever wondered why normal users are not allowed to chroot?
>
> I have. The reasons I can figure out are:
>
> * Changing root makes it trivial to trick suid/sgid binaries to do
> nasty things.
>
> * If root calls chroot and changes uid, he expects that the process
> can not escape to the old root by calling chroot again.
>
> If we only allow user chroots for processes that have never been
> chrooted before, and if the suid/sgid bits won't have any effect under
> the new root, it should be perfectly safe to allow any user to chroot.
>
Safe, perhaps, but also completely useless: there is no way the user
can set up a functional environment inside the chroot. In other
words, it's all pain, no gain.
-hpa
--
<hpa@transmeta.com> at work, <hpa@zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
http://www.zytor.com/~hpa/puzzle.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/