Re: Chroot bug

From: Miloslav Semler
Date: Wed Sep 26 2007 - 07:35:10 EST

Alan Cox napsal(a):
but many program use this as security feature. So do you think that bind may use vserver?

It would be a lot stronger if it did. A bind running non-root will be
probably safe. A bind running as root can be attacked and break out of a
chroot trivially. I guess it depends how you run bind.
but not bind with selinux. It can chroot, but not does other things. So there is an question: Why we do not fix it. Tell me please some other reason than "you can workaround chroot other ways".

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at