On Wed, 19 Sep 2007 09:19:50 +0200I thought this was to prevent breaking out of chroot as a normal user.
majkls <majkls@xxxxxxxxxxx> wrote:
Hello,
here is an fix to an exploit (obtained somewhere in internet). This exploit can workaround chroot with CAP_SYS_CHROOT. It is also possible (with sufficient filedescriptor (if there is na directory fd opened in root) workaround chroot with sys_fchdir. This patch fixes it.
If you have the ability to use chroot() you are root. If you are root you
can walk happily out of any chroot by a thousand other means.