lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 27 Sep 2007 10:36:05 -0400
From:	Bill Davidsen <davidsen@....com>
To:	Theodore Tso <tytso@....edu>,
	Christer Weinigel <christer@...nigel.se>,
	David Newall <david@...idnewall.com>,
	Al Viro <viro@....linux.org.uk>,
	Phillip Susi <psusi@....rr.com>,
	Bill Davidsen <davidsen@....com>, majkls <majkls@...pere.com>,
	bunk@...tum.de, linux-kernel@...r.kernel.org
Subject: Re: sys_chroot+sys_fchdir Fix

Theodore Tso wrote:
> On Thu, Sep 27, 2007 at 09:28:08AM +0200, Christer Weinigel wrote:
>   
>> So the OpenBSD man page seems to be in the minority here.  Any portable
>> code can not assume that CWD changes.  And changing the Linux behaviour
>> now would be a rather big change which might break userspace.  And yes,
>> there are applications that rely on this, I've used it when building
>> software for cross compiling.  
>>     
>
> Changing Linux behavior would violate the POSIX and SuSV2
> specifications; the standards explicitly state that the working
> directory will NOT change.  And standards adherance is important; we
> break them only if we have a d*mn good reason.  And trying to make
> chroot() something which it is not (i.e., a secure jail) is certainly
> not a good enough reason.
>
> Can we please end this thread now?  And can we put in a Kernel FAQ
> saying that this is not something which is NOT up for discussion?
>   
It seems there are (at least) two parts to this, one regarding changing 
working directory which is clearly stated in the standards and must work 
as it does, and the various issues regarding getting out of the chroot 
after the cwd has entered that changed root. That second part seems to 
offer room for additional controls on getting out of the chroot which do 
not violate any of the obvious standards, and which therefore might be 
valid candidates for discussion on the basis of benefit rather than 
portability.

-- 
bill davidsen <davidsen@....com>
  CTO TMR Associates, Inc
  Doing interesting things with small computers since 1979

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ