Re: [PATCH] User chroot

From: H. Peter Anvin (hpa@zytor.com)
Date: Tue Jun 26 2001 - 23:24:05 EST


Albert D. Cahalan wrote:

>
> Normal users can use an environment provided for them.
>
> While trying to figure out why the "heyu" program would not
> work on a Red Hat box, I did just this. As root I set up all
> the device files needed, along with Debian libraries and the heyu
> executable itself. It was annoying that I couldn't try out
> my chroot environment as a regular user.
>
> Creating the device files isn't a big deal. It wouldn't be
> hard to write a setuid app to make the few needed devices.
> If we had per-user limits, "mount --bind /dev/zero /foo/zero"
> could be allowed. One way or another, devices can be provided.
>

Hell no! This would give the user a way to subvert root or other
system-provided things by having device nodes or such appear where they
aren't expected. NOT GOOD.

        -hpa
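
The concern in the reply above is device nodes turning up outside the places root expects them. As an added example (not part of the original message or of any kernel code), a defender's audit that walks a tree and reports character and block device nodes found outside an allow-listed directory; the function names, the `/dev` default and the stubbed `lstat` in the constructed demo are assumptions of this example.

```python
import os
import stat
import tempfile
import types

def find_device_nodes(root, allowed=("/dev",), lstat=os.lstat):
    """Return sorted (path, kind, major, minor) for device nodes under root
    that are not inside one of the allowed directories."""
    allowed = tuple(os.path.join(os.path.abspath(a), "") for a in allowed)
    hits = []
    for dirpath, _dirs, filenames in os.walk(os.path.abspath(root)):
        for name in filenames:           # device nodes are listed as non-directories
            path = os.path.join(dirpath, name)
            if path.startswith(allowed):
                continue                 # expected location, e.g. the real /dev
            try:
                st = lstat(path)         # lstat: never follow symlinks
            except OSError:
                continue                 # vanished or unreadable entry
            if stat.S_ISCHR(st.st_mode):
                kind = "char"
            elif stat.S_ISBLK(st.st_mode):
                kind = "block"
            else:
                continue
            hits.append((path, kind, os.major(st.st_rdev), os.minor(st.st_rdev)))
    return sorted(hits)

def demo(allow_jail=False):
    """Constructed sample: a temp tree where jail/zero is reported by a stubbed
    lstat as char device 1:5, so the demo runs without root."""
    with tempfile.TemporaryDirectory() as top:
        jail = os.path.join(top, "jail")
        os.mkdir(jail)
        for name in ("zero", "readme"):
            open(os.path.join(jail, name), "w").close()

        def fake_lstat(path):
            if os.path.basename(path) == "zero":
                return types.SimpleNamespace(st_mode=stat.S_IFCHR | 0o666,
                                             st_rdev=os.makedev(1, 5))
            return os.lstat(path)

        allowed = (jail,) if allow_jail else ()
        found = find_device_nodes(top, allowed=allowed, lstat=fake_lstat)
        return [(os.path.relpath(p, top), k, ma, mi) for p, k, ma, mi in found]

if __name__ == "__main__":
    for hit in demo():
        print(hit)
```

On a real system, call `find_device_nodes("/home")` or point it at a chroot tree; mounting user-writable filesystems with `nodev` makes any node found there inert.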




This archive was generated by hypermail 2b29 : Sat Jun 30 2001 - 21:00:15 EST