Re: Filesystem Capabilities in 2.6?

yodaiken@fsmlabs.com
Sun, 3 Nov 2002 09:56:12 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matt D. Robinson: "Re: [lkcd-devel] Re: [lkcd-general] Re: What's left over."
Previous message: Alexander Viro: "Re: Filesystem Capabilities in 2.6?"

On Sun, Nov 03, 2002 at 11:56:22AM -0500, Alexander Viro wrote:
>
>
> On 3 Nov 2002, Alan Cox wrote:
>
> > On Sun, 2002-11-03 at 14:51, Alexander Viro wrote:
> > > No messing with chroot needed - just a way to irrevertibly turn off the
> > > ability (for anybody) to do mounts/umounts in a given namespace and ability
> > > to clone that namespace. Then give them ramfs for root and bind whatever
> > > you need in there. No breaking out of that, since there is nothing below
> > > their root where they could break out to...
> >
> > mkdir foo
> > chroot foo
> > cd ../../../..
> > chroot .
>
> ... will give him nothing, since he is not in chroot jail to start with.
> He has a namespace of his own with his own root filesystem. Which has
> several empty directories and nothing else - everything else is bound on
> these. He is at his absolute root and can't break out of it - there is
> nowhere to break out. So his /foo will be a subdirectory of root of his
> root filesystem. OK, he chroots there. His cwd is still at absolute root
> and he can follow .. until he's blue in the face - he will stay where he
> started.

Plan 9 !

-- --------------------------------------------------------- Victor Yodaiken Finite State Machine Labs: The RTLinux Company. www.fsmlabs.com www.rtlinux.com 1+ 505 838 9109

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Matt D. Robinson: "Re: [lkcd-devel] Re: [lkcd-general] Re: What's left over."
Previous message: Alexander Viro: "Re: Filesystem Capabilities in 2.6?"