From: Rob Landley <rob@landley.net>
To: Al Boldi <a1426z@gawab.com>
Cc: Linus Torvalds <torvalds@osdl.org>, Ram Pai <linuxram@us.ibm.com>,
Miklos Szeredi <miklos@szeredi.hu>,
Al Viro <viro@ftp.linux.org.uk>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 12/18] shared mount handling: bind and rbind
Date: Wed, 16 Nov 2005 02:47:15 -0600 [thread overview]
Message-ID: <200511160247.15283.rob@landley.net> (raw)
In-Reply-To: <200511160835.28636.a1426z@gawab.com>
On Tuesday 15 November 2005 23:35, Al Boldi wrote:
> Linus Torvalds wrote:
> > This is why we have "pivot_root()" and "chroot()", which can both be used
> > to do what you want to do. You mount the new root somewhere else, and
> > then you chroot (or pivot-root) to it. And THEN you do 'chdir("/")' to
> > move the cwd into the new root too (and only at that point have you
> > "lost" the old root - although you can actually get it back if you have
> > some file descriptor open to it).
>
> Wouldn't this constitute a security flaw?
>
> Shouldn't chroot jail you?
A few years ago I had a build script that compiled a new Linux From Scratch
system I could chroot into, and one of the things in the new chroot
environment was a different boot loader. And for testing purposes (and with
a boot CD standing by) I would chroot into this new environment and run the
lilo in it to add the new test kernel into the boot option list.
One day, I upgraded to a new kernel version and it stopped working, because
chroot had acquired some unwanted security feature that prevented lilo from
properly talking to /dev/hda from within a chroot environment.
I remember being rather put out by this.
Chroot is sometimes used for other purposes than "security".
Rob
next prev parent reply other threads:[~2005-11-16 8:48 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-11-08 2:01 [PATCH 12/18] shared mount handling: bind and rbind Al Viro
2005-11-08 14:11 ` Miklos Szeredi
2005-11-08 15:48 ` Ram Pai
2005-11-08 15:55 ` Miklos Szeredi
2005-11-09 18:44 ` Ram Pai
2005-11-09 18:59 ` Linus Torvalds
2005-11-09 19:26 ` Al Viro
2005-11-09 19:28 ` Ram Pai
2005-11-16 3:29 ` Rob Landley
2005-11-16 3:53 ` Linus Torvalds
2005-11-16 5:35 ` Al Boldi
2005-11-16 8:19 ` Miklos Szeredi
2005-11-16 9:10 ` Rob Landley
2005-11-16 10:14 ` Miklos Szeredi
2005-11-16 13:59 ` Shaya Potter
2005-11-16 16:35 ` Miklos Szeredi
2005-11-16 20:05 ` Al Boldi
2005-11-16 20:21 ` Shaya Potter
2005-11-16 8:47 ` Rob Landley [this message]
2005-11-16 8:41 ` Rob Landley
2005-11-16 16:18 ` Linus Torvalds
2005-11-09 10:54 ` Miklos Szeredi
2005-11-09 14:31 ` Al Viro
2005-11-09 15:22 ` Miklos Szeredi
2005-11-09 15:56 ` Al Viro
2005-11-09 16:33 ` Miklos Szeredi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200511160247.15283.rob@landley.net \
--to=rob@landley.net \
--cc=a1426z@gawab.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxram@us.ibm.com \
--cc=miklos@szeredi.hu \
--cc=torvalds@osdl.org \
--cc=viro@ftp.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).