> Philippe Troin  wrote:
> >Eric Buddington <eric@ma-northadams1b-3.bur.adelphia.net> writes:
> >> Would it be reasonable to allow non-root processes to chroot(), if the
> >> chroot syscall also changed the cwd for non-root processes?
> >
> >No.
> >
> >  fd = open("/", O_RDONLY);
> >  chroot("/tmp");
> >  fchdir(fd);
> >
> >and you're out of the chroot.
> 
> Irrelevant.  If a process *wants* to voluntarily sandbox itself, it can
> close all open file descriptors before sandboxing.
You missed the point.
If the process can be forced to run the above (possibly via a stack
overflow), then it is out of the chroot.
Phil.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/