Re: [PATCH v3 4/4] Allow unprivileged chroot when safe

From: Colin Walters
Date: Mon Jan 30 2012 - 16:59:19 EST

Next message: Danny Kukawka: "[PATCH v2 03/16] mmc: fix for some -Wuninitialized warning"
Previous message: Jiri Slaby: "sysfs regression: wrong link counts"
In reply to: Andy Lutomirski: "[PATCH v3 4/4] Allow unprivileged chroot when safe"
Next in thread: Andy Lutomirski: "Re: [PATCH v3 4/4] Allow unprivileged chroot when safe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2012-01-30 at 08:17 -0800, Andy Lutomirski wrote:
> Chroot can easily be used to subvert setuid programs. If no_new_privs,
> then setuid programs don't gain any privilege, so allow chroot.

Is this needed/desired by anyone now, or are you just using it to "demo"
NO_NEW_PRIVS? I don't see it as very useful on its own, since in any
"container"-type chroot you really want /proc and /dev, and your patch
doesn't help with that.

System daemons that do chroot for a modicum of security already start
privileged, so this doesn't help them either.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Danny Kukawka: "[PATCH v2 03/16] mmc: fix for some -Wuninitialized warning"
Previous message: Jiri Slaby: "sysfs regression: wrong link counts"
In reply to: Andy Lutomirski: "[PATCH v3 4/4] Allow unprivileged chroot when safe"
Next in thread: Andy Lutomirski: "Re: [PATCH v3 4/4] Allow unprivileged chroot when safe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]