Followup to: <20010627014534.B2654@ondska>
By author: Jorgen Cederlof <jc@lysator.liu.se>
In newsgroup: linux.dev.kernel
>
> Have you ever wondered why normal users are not allowed to chroot?
>
> I have. The reasons I can figure out are:
>
> * Changing root makes it trivial to trick suid/sgid binaries to do
> nasty things.
>
> * If root calls chroot and changes uid, he expects that the process
> can not escape to the old root by calling chroot again.
>
> If we only allow user chroots for processes that have never been
> chrooted before, and if the suid/sgid bits won't have any effect under
> the new root, it should be perfectly safe to allow any user to chroot.
>
Safe, perhaps, but also completely useless: there is no way the user
can set up a functional environment inside the chroot. In other
words, it's all pain, no gain.
-hpa
-- <hpa@transmeta.com> at work, <hpa@zytor.com> in private! "Unix gives you enough rope to shoot yourself in the foot." http://www.zytor.com/~hpa/puzzle.txt - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Jun 30 2001 - 21:00:15 EST