Re: Chroot bug

From: Olivier Galibert
Date: Wed Sep 26 2007 - 06:45:28 EST

Next message: Martin Michlmayr: "Re: Network slowdown due to CFS"
Previous message: Alan Cox: "Re: Chroot bug"
In reply to: David Newall: "Re: Chroot bug"
Next in thread: David Newall: "Re: Chroot bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 26, 2007 at 07:57:38PM +0930, David Newall wrote:
> As has been said, there are thousands of ways to break out of a chroot.
> It's just that one of them should not be that chroot lets you walk out.

chroot does not allow you to walk out if you're in. It only allows
you to walk outside if you're *already* out. That's the way it is
defined. Those who want some kind of chroot for security reasons
should look at (BSD's ?) jail, and/or hypervisors.

OG.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Martin Michlmayr: "Re: Network slowdown due to CFS"
Previous message: Alan Cox: "Re: Chroot bug"
In reply to: David Newall: "Re: Chroot bug"
Next in thread: David Newall: "Re: Chroot bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]