[1130] in linux-security and linux-alert archive
Re: [linux-security] chroot (1) security hole
daemon@ATHENA.MIT.EDU (Ian Jackson)
Mon Sep 2 03:59:27 1996
Date: Sun, 1 Sep 96 16:55 BST
From: Ian Jackson <ian@chiark.chu.cam.ac.uk>
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.94.960826143735.269I-100000@bart.cibi.it>
...
> [REW: Yes. The problem lies in the fact that the current working
> directory isn't changed by the chroot system call. Could someone
> check the chroot program's sources and report wether it does a
> chdir ("/"); after the chroot system call.
It doesn't (on my system, anyway). I think this is a good thing. It
means I can test a chroot environment and still have access (via my
current directory) to the full system.
Ian.