chroot(2) security

[Jim Webb]

> There is, however, one interesting feature of chroot. It doesn't change
> your current working directory. Thus you can still access files relative
> to the current working directory that your program had, either by chdir
> before the chroot, or by inheriting from the shell.

True, which is why the chroot command does a chdir() to the new root.  Why,
for you could still use .., right?  Wrong.  The kernel interprets .. in the
root directory as the root directory itself, so, for an example, ls -l /..
-- 
Jim Webb             "Out of phase--get help"          ...!ihnp4!hropus!jrw