From mboxrd@z Thu Jan 1 00:00:00 1970 From: Eric Van Hensbergen Subject: Re: [PATCH] private mounts Date: Sun, 1 May 2005 10:41:30 -0500 Message-ID: References: <20050425071047.GA13975@vagabond> <20050430094218.GA32679@mail.shareable.org> <20050430143609.GA4362@mail.shareable.org> <20050430164258.GA6498@mail.shareable.org> <20050430235453.GA11494@mail.shareable.org> Reply-To: Eric Van Hensbergen Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7BIT Cc: jamie@shareable.org, hch@infradead.org, bulb@ucw.cz, viro@parcelfarce.linux.theplanet.co.uk, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@osdl.org Return-path: Received: from wproxy.gmail.com ([64.233.184.195]:14430 "EHLO wproxy.gmail.com") by vger.kernel.org with ESMTP id S261656AbVEAPlb convert rfc822-to-8bit (ORCPT ); Sun, 1 May 2005 11:41:31 -0400 Received: by wproxy.gmail.com with SMTP id 68so1347277wri for ; Sun, 01 May 2005 08:41:31 -0700 (PDT) To: Miklos Szeredi In-Reply-To: Content-Disposition: inline Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On 5/1/05, Miklos Szeredi wrote: > > As someone pointed out, CAP_SYS_ADMIN processes can already escape the > chroot jail with CLONE_NEWNS. (fd=open("."); clone(CLONE_NEWNS); > [child:] fchdir(fd); chdir("..")) > This really does seem like a bug. Is there are a reason behind this "feature", or should one of us be looking into a patch to correct this? Miklos you earlier suggested: >>>How about fixing fchdir, so it checks whether you gone outside the >>>tree under current->fs->rootmnt? Should be fairly easy to do. -eric