Re: can chroot be made safe for non-root?

Bernd Eckenfels (ecki-news2002-09@lina.inka.de)
Sat, 19 Oct 2002 21:07:42 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bill Davidsen: "Re: 2.5.43 scsi _eh_ buslogic"
Previous message: robert swan: "usb joystick causing kernel panic"

In article <20021019134445.B28191@ma-northadams1b-3.bur.adelphia.net> you wrote:
> I do like the idea of preventing multiple chroots, as a second option.

this is not enough to allow chroot for non root. There are just too many
suid programs which rely on absolute path. So if one allows chroot() for
non-root users, the usage of suid/sgid must be forbidden, too.

Greetings
bernd
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bill Davidsen: "Re: 2.5.43 scsi _eh_ buslogic"
Previous message: robert swan: "usb joystick causing kernel panic"