| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <46F91417.9050600@davidnewall.com> Date: Tue, 25 Sep 2007 23:28:47 +0930 From: David Newall <david@...idnewall.com> To: "Serge E. Hallyn" <serge@...lyn.com> CC: Bill Davidsen <davidsen@....com>, Philipp Marek <philipp@...ek.priv.at>, 7eggert@....de, Alan Cox <alan@...rguk.ukuu.org.uk>, majkls <majkls@...pere.com>, bunk@...tum.de, linux-kernel@...r.kernel.org Subject: Re: sys_chroot+sys_fchdir Fix Serge E. Hallyn wrote: > Quoting David Newall (david@...idnewall.com): > >> Serge E. Hallyn wrote: >> >>> Quoting David Newall (david@...idnewall.com): >>> >>> >>>> It might be tidy if pivot_root could be used (instead of a hack based on >>>> a chroot bug), but it'd still be unportable. >>>> >>>> >>> It can. >>> >>> Please re-read my previous msg. >>> >> I read it. Currently pivot_root can't be used to affect a single process. >> > > No. If you unshare your mounts namespace immediately before pivot_root, > then pivot_root will only affect that single process. > Bugger. You're right, I didn't read your previous message; I thought I had but I was wrong. >> unshare(CLONE_NEWNS); >> chdir(new_dir); >> pivot_root(new_dir, oldroot); After further RTFMing, and assuming "any processes or threads which use the old root directory" means what you imply, and surely it does, then I agree: pivot_root already does the job. Does anybody still need to use a bug in chroot? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists