Re: Chroot breach in 2.1.100+

Alexander Viro (viro@math.psu.edu)
Tue, 22 Sep 1998 00:46:31 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rik van Riel: "Re: mmap system call ?"
Previous message: Albert D. Cahalan: "Re: Can an NFS server legitimately duplicate directory entry"

Duh. OK, taking my leg out of mouth. I didn't realize that chroot isn't
root-safe. Oh, well...

Nevertheless, the situation seems to be wrong namespace-wise. We have
the following picture:
A
|
V
C<-D
A is mounted on D, D is child of C. The current code does the following:
if we are chroot()ed into A then lookup on ".." from A gives A. If we
are chroot()ed to D it gives C. All security issues aside, it seems to be
wrong. Comments?
Al

-- "You're one of those condescending Unix computer users!" "Here's a nickel, kid. Get yourself a better computer" - Dilbert.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Rik van Riel: "Re: mmap system call ?"
Previous message: Albert D. Cahalan: "Re: Can an NFS server legitimately duplicate directory entry"