Re: [PATCH v3 4/4] Allow unprivileged chroot when safe

From: Colin Walters
Date: Mon Jan 30 2012 - 16:59:19 EST


On Mon, 2012-01-30 at 08:17 -0800, Andy Lutomirski wrote:
> Chroot can easily be used to subvert setuid programs. If no_new_privs,
> then setuid programs don't gain any privilege, so allow chroot.

Is this needed/desired by anyone now, or are you just using it to "demo"
NO_NEW_PRIVS? I don't see it as very useful on its own, since in any
"container"-type chroot you really want /proc and /dev, and your patch
doesn't help with that.

System daemons that do chroot for a modicum of security already start
privileged, so this doesn't help them either.



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/