Re: [PATCH] User chroot

Kai Henningsen (kaih@khms.westfalen.de)
27 Jun 2001 08:35:00 +0200


pmenage@ensim.com (Paul Menage) wrote on 26.06.01 in <E15F4tx-0003sA-00@pmenage-dt.ensim.com>:

> >You need to be root to do mknod. You need to do mknod to create /dev/zero.
> >You need /dev/zero to get anywhere near the normal behaviour of the system.
> >
>
> Sure, but we're not necessarily looking for a system that behaves
> normally in all aspects. The example given was that of a paranoid
> network server that does all its initialisation in a normal environment,
> and then does a chroot to its data directory. Or alternatively, forks
> after accepting a connection, and the child does a chroot. No need to be
> able to exec other programs, etc. Such a daemon is certainly possible,
> as I've written one myself. But it had to be started by root, rather
> than by a normal user.

Aah - in that case, it seems the absence of /dev/zero might even be an
advantage, making it impossible to exec (most) programs.

MfG Kai
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/