> > [...]
> > What would you see the behavior being if process 'x' is chroot'ed
> > to directory 'y' and you blocked access to a directory above it's root?
> > Would the access checks still be done to the root of the filesystem or
> > just the 'root' of the process?
> How is it done now? If some process chroots to /dir1/dir2, and tries to
> access /dir1/dir2/file, does the access succeed or fail after a "chmod
> 000 /dir1"? Is the current behaviour not incorrect, too?
No chroot(2) needed, just a chdir(2) to make your point. And as always,
permissions are checked when they are used (i.e., to go into /dir1/dir2,
they are checked at _that_ point in time). If they are changed later
doesn't matter. A bit surprising perhaps, but the only sane (and efficient)
way of doing business.
-- Dr. Horst H. von Brand mailto:vonbrand@inf.utfsm.cl Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/