Re: Chroot breach in 2.1.100+

Linus Torvalds (torvalds@transmeta.com)
Sun, 20 Sep 1998 16:28:04 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Gooch: "Re: Today Linus redesigns the networking driver interface (was Re: tulip driver in ...)"
Previous message: Russell Lambert: "Re: Confusing AIC 7xxx driver messages"

On Sun, 20 Sep 1998, Alexander Viro wrote:
>
> In some cases chroot jail can be broken by process with UID==0.

Forget "some". Make that "all".

If you allow root privileges inside a chroot environment, people _will_ be
able to break out. Using /proc is just one way (device nodes, "ptrace()"
and others are other fairly easy ways to do the same).

Essentially chroot is not meant to be root-secure.

Linus

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Gooch: "Re: Today Linus redesigns the networking driver interface (was Re: tulip driver in ...)"
Previous message: Russell Lambert: "Re: Confusing AIC 7xxx driver messages"