Re: chroot(2) and bind mounts as non-root

From: Alan Cox
Date: Wed Dec 07 2011 - 15:56:14 EST

Next message: Pali Rohár: "RFC: bq2415x_charger driver"
Previous message: Stephen Rothwell: "Re: linux-next: build failure after merge of the memblock tree"
In reply to: H. Peter Anvin: "Re: chroot(2) and bind mounts as non-root"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 07 Dec 2011 12:34:28 -0800
"H. Peter Anvin" <hpa@xxxxxxxxx> wrote:

> On 12/07/2011 09:54 AM, Colin Walters wrote:
> >
> > The historical reason one can't call chroot(2) as non-root is because of
> > setuid binaries (hard link a setuid binary into chroot of your choice
> > with trojaned libc.so).
>
> No. The historical reason is that it lets anyone escape a chroot jail:

Beg to differ

Nobody ever considered chroot a jail except a certain brand of
urban-legend-programming people. Indeed chroot has never been a jail
except in the 'open prison' security sense of it.

The big problem with chroot was abusing setuid binaries - particularly
things like uucp and /bin/mail.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pali Rohár: "RFC: bq2415x_charger driver"
Previous message: Stephen Rothwell: "Re: linux-next: build failure after merge of the memblock tree"
In reply to: H. Peter Anvin: "Re: chroot(2) and bind mounts as non-root"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]