Re: [PATCH] User chroot

From: H. Peter Anvin (
Date: Tue Jun 26 2001 - 23:24:05 EST

Albert D. Cahalan wrote:

> Normal users can use an environment provided for them.
> While trying to figure out why the "heyu" program would not
> work on a Red Hat box, I did just this. As root I set up all
> the device files needed, along Debian libraries and the heyu
> executable itself. It was annoying that I couldn't try out
> my chroot environment as a regular user.
> Creating the device files isn't a big deal. It wouldn't be
> hard to write a setuid app to make the few needed devices.
> If we had per-user limits, "mount --bind /dev/zero /foo/zero"
> could be allowed. One way or another, devices can be provided.

Hell no! This would give the user a way to subvert root or other
system-provided things by having device nodes or such appear where they
aren't expected. NOT GOOD.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Sat Jun 30 2001 - 21:00:15 EST