| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Sep 2007 12:45:00 +0200 From: Olivier Galibert <galibert@...ox.com> To: David Newall <david@...idnewall.com> Cc: Kyle Moffett <mrmacman_g4@....com>, Adrian Bunk <bunk@...nel.org>, Alan Cox <alan@...rguk.ukuu.org.uk>, "Serge E. Hallyn" <serge@...lyn.com>, Bill Davidsen <davidsen@....com>, Philipp Marek <philipp@...ek.priv.at>, 7eggert@....de, majkls <majkls@...pere.com>, bunk@...tum.de, linux-kernel@...r.kernel.org Subject: Re: Chroot bug On Wed, Sep 26, 2007 at 07:57:38PM +0930, David Newall wrote: > As has been said, there are thousands of ways to break out of a chroot. > It's just that one of them should not be that chroot lets you walk out. chroot does not allow you to walk out if you're in. It only allows you to walk outside if you're *already* out. That's the way it is defined. Those who want some kind of chroot for security reasons should look at (BSD's ?) jail, and/or hypervisors. OG. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists