Shaya Potter wrote:
>the problem with chroot() is that they dont nest.
That's *a* problem, but not (IMHO) the most significant problem.
The biggest disadvantages with chroot() (as I see it) are:
* not useable unless you're root
* too coarse-grained
* only protects the filesystem, but not other resources (e.g., the network)
* not suitable for jailing root
> If however, one could provide even a single level of nesting, such that
> a chroot outside of a chroot sets the first level, and any other chroot
> after that sets the inner level, then even root wouldn't be able to
> break out of the chroot (presuming it didn't bring any fd's into the
> chroot w/ it).
This is not quite right. There are LOTS of other ways that root
can break out of a chroot.
Actually, I suspect that nested chroot()s may not be needed very
frequently, so I think a simpler approach may be simply to prevent
a chrooted process from calling chroot() again: i.e., prevent nesting.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:44 EST