Re: Linux 2.2.18pre21

From: Andrea Arcangeli (andrea@suse.de)
Date: Thu Nov 16 2000 - 11:16:18 EST


On Thu, Nov 16, 2000 at 03:07:04PM +0100, Matthias Andree wrote:
> It shows a program that saves the cwd -- open(".",...) in an open file,
> then chroots [..]

This is known behaviour (I know Alan knows about it too); the solution is to close
open directory file descriptors before chrooting.

Everything that happens before chroot(2) is trusted, so it's secure to rely
on it to close directories first.

If this is not well documented and people don't know about it and so they
write unsafe code, that's another issue...

Andrea