Forget "some". Make that "all".
If you allow root privileges inside a chroot environment, people _will_ be
able to break out. Using /proc is just one way (device nodes, "ptrace()"
and others are other fairly easy ways to do the same).
Essentially chroot is not meant to be root-secure.
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/