| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070927112316.GC18346@thunk.org>
Date: Thu, 27 Sep 2007 07:23:16 -0400
From: Theodore Tso <tytso@....edu>
To: Christer Weinigel <christer@...nigel.se>
Cc: David Newall <david@...idnewall.com>,
Al Viro <viro@....linux.org.uk>,
Phillip Susi <psusi@....rr.com>,
Bill Davidsen <davidsen@....com>, majkls <majkls@...pere.com>,
bunk@...tum.de, linux-kernel@...r.kernel.org
Subject: Re: sys_chroot+sys_fchdir Fix
On Thu, Sep 27, 2007 at 09:28:08AM +0200, Christer Weinigel wrote:
> So the OpenBSD man page seems to be in the minority here. Any portable
> code can not assume that CWD changes. And changing the Linux behaviour
> now would be a rather big change which might break userspace. And yes,
> there are applications that rely on this, I've used it when building
> software for cross compiling.
Changing Linux behavior would violate the POSIX and SuSV2
specifications; the standards explicitly state that the working
directory will NOT change. And standards adherance is important; we
break them only if we have a d*mn good reason. And trying to make
chroot() something which it is not (i.e., a secure jail) is certainly
not a good enough reason.
Can we please end this thread now? And can we put in a Kernel FAQ
saying that this is not something which is NOT up for discussion?
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists