Re: [PATCH 4/4] Allow unprivileged chroot when safe

From: Colin Walters
Date: Mon Jan 16 2012 - 14:26:28 EST


On Sun, 2012-01-15 at 16:37 -0800, Andy Lutomirski wrote:

> Because chroot is an easy way to break out of chroot jail, CAP_SYS_ADMIN
> is still required if the caller is already chrooted.

This part is pretty gross. It means it won't work for stuff like
containers (systemd-nspawn etc.) and furthermore I have plans that
involve running OS trees inside a chroot, and this would obviously not
work for that.

Incidentally I ended up putting my setuid program here:
http://git.gnome.org/browse/linux-user-chroot/

Now unfortunately, even if we say that a new setuid program is the way
to gain these privileges, you still can't nest it, because all of these
things are predicated on disabling setuid programs. But it would at
least not fail initially if your process was inside a chroot.
