lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 26 Sep 2007 20:43:44 +0930
From:	David Newall <david@...idnewall.com>
To:	Olivier Galibert <galibert@...ox.com>,
	Kyle Moffett <mrmacman_g4@....com>,
	Adrian Bunk <bunk@...nel.org>,
	Alan Cox <alan@...rguk.ukuu.org.uk>,
	"Serge E. Hallyn" <serge@...lyn.com>,
	Bill Davidsen <davidsen@....com>,
	Philipp Marek <philipp@...ek.priv.at>, 7eggert@....de,
	majkls <majkls@...pere.com>, bunk@...tum.de,
	linux-kernel@...r.kernel.org
Subject: Re: Chroot bug

Olivier Galibert wrote:
> chroot does not allow you to walk out if you're in.

You're mistaken.  Or more properly, further use of chroot lets you walk 
out.  This really has been said before, and before, and before.

    chroot("subtree");   // enter chroot
    chdir("/");    // now at subtree
    chroot("/tmp");   // now outside of chroot


BSD redefined chroot so that the working directory is set to the new 
root on subsequent uses of chroot; that's how they solved the bug.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ