[1130] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] chroot (1) security hole

daemon@ATHENA.MIT.EDU (Ian Jackson)
Mon Sep 2 03:59:27 1996

Date: Sun, 1 Sep 96 16:55 BST
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.94.960826143735.269I-100000@bart.cibi.it>

...
> [REW: Yes. The problem lies in the fact that the current working 
> directory isn't changed by the chroot system call. Could someone
> check the chroot program's sources and report wether it does a 
> chdir ("/"); after the chroot system call. 

It doesn't (on my system, anyway).  I think this is a good thing.  It
means I can test a chroot environment and still have access (via my
current directory) to the full system.

Ian.

home help back first fref pref prev next nref lref last post