Re: Chroot bug

From: Alan Cox
Date: Wed Sep 26 2007 - 07:16:44 EST

Next message: Alan Cox: "Re: sys_chroot+sys_fchdir Fix"
Previous message: Ingo Molnar: "[patch/backport] CFS scheduler, -v22, for v2.6.23-rc8, v2.6.22.8,v2.6.21.7, v2.6.20.20"
In reply to: David Newall: "Re: Chroot bug"
Next in thread: Miloslav Semler: "Re: Chroot bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> >>> The dot-dot entry in the root directory is interpreted to mean the
> >>> root directory itself. Thus, dot-dot cannot be used to access files
> >>> outside the subtree rooted at the root directory.
> >>>
> >
> > Which is behaviour chroot preserves properly.
> >
> And yet it is the dot-dot entry which is used to access files outside
> the root.

Read it again, and read all the words. Notably "the dot-dot entry *IN*
the root directory". When your current directory is above your root
directory you do not pass through that dot-dot entry.

> Do you believe that when those words were first written, the hidden
> conflict, namely that it permits dot-dot to access files outside the
> subtree, was understood?

Yes. You need to remember the notion of chroot for "security" is a very
new one, and not one that it was designed for. Which as I've said twice
now is why things like vserver and BSD jails have evolved.

Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: sys_chroot+sys_fchdir Fix"
Previous message: Ingo Molnar: "[patch/backport] CFS scheduler, -v22, for v2.6.23-rc8, v2.6.22.8,v2.6.21.7, v2.6.20.20"
In reply to: David Newall: "Re: Chroot bug"
Next in thread: Miloslav Semler: "Re: Chroot bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]