Re: [PATCH 4/4] Allow unprivileged chroot when safe

[Jamie Lokier]

Colin Walters wrote:
> On Sun, 2012-01-15 at 16:37 -0800, Andy Lutomirski wrote:
> 
> > Because chroot is an easy way to break out of chroot jail, CAP_SYS_ADMIN
> > is still required if the caller is already chrooted.
> 
> This part is pretty gross.  It means it won't work for stuff like
> containers (systemd-nspawn etc.) and furthermore

> I have plans that involve running OS trees inside a chroot, and this
> would obviously not work for that.

Indeed, I do run many of my machines inside a chroot.
The real filesystem has:

    /distro/that
    /distro/newer
    /distro/this

instead of partitions.  I'm chroot'd and fully booted up in
/distro/this, although I can see files in the others and I might run a
few things from them as well.

This isn't "userland chroot", it's the top level of the process tree:
/distro/this/sbin/init.  It would be a shame if it behaved differently
just because "it's a chroot".

-- Jamie
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/