can chroot be made safe for non-root?

From: Eric Buddington (
Date: Wed Oct 16 2002 - 00:51:06 EST

I am eager to be able to sandbox my processes on a system without the
help of suid-root programs (as I prefer to have none of these on my

Would it be reasonable to allow non-root processes to chroot(), if the
chroot syscall also changed the cwd for non-root processes?

Is there a reason besides standards compliance that chroot() does not
already change directory to the chroot'd directory for root processes?
Would it actually break existing apps if it did change the directory?

(who wishes there were better ways to run untrusted code)
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:26 EST