Kyle Moffett wrote:
David, please do tell myself and Adrian how "locking down" chroot() the way you want will avoid letting root break out through any of the above ways?
As has been said, there are thousands of ways to break out of a chroot. It's just that one of them should not be that chroot lets you walk out. I can't explain it clearer than that. If you don't see it now you probably never will.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- Re: Chroot bug
- From: Kyle Moffett <[email protected]>
- Re: Chroot bug
- From: Olivier Galibert <[email protected]>
- Re: Chroot bug
- References:
- Re: sys_chroot+sys_fchdir Fix
- From: David Newall <[email protected]>
- Re: sys_chroot+sys_fchdir Fix
- From: "Serge E. Hallyn" <[email protected]>
- Re: sys_chroot+sys_fchdir Fix
- From: David Newall <[email protected]>
- Re: sys_chroot+sys_fchdir Fix
- From: "Serge E. Hallyn" <[email protected]>
- Re: sys_chroot+sys_fchdir Fix
- From: David Newall <[email protected]>
- Chroot bug (was: sys_chroot+sys_fchdir Fix)
- From: David Newall <[email protected]>
- Re: Chroot bug (was: sys_chroot+sys_fchdir Fix)
- From: Alan Cox <[email protected]>
- Re: Chroot bug
- From: David Newall <[email protected]>
- Re: Chroot bug
- From: Alan Cox <[email protected]>
- Re: Chroot bug
- From: David Newall <[email protected]>
- Re: Chroot bug
- From: Adrian Bunk <[email protected]>
- Re: Chroot bug
- From: Kyle Moffett <[email protected]>
- Re: sys_chroot+sys_fchdir Fix
- Prev by Date: Re: Chroot bug
- Next by Date: Re: sys_chroot+sys_fchdir Fix
- Previous by thread: Re: Chroot bug
- Next by thread: Re: Chroot bug
- Index(es):
 |