chroot(2)
Larry Dighera
root at conexch.UUCP
Sun Dec 11 11:08:16 AEST 1988
In article <157 at ecicrl.UUCP> clewis at ecicrl.UUCP (Chris Lewis) writes:
>
>Thanks Henry (and literally dozens of others) for pointing out the problems
>of world-executable chroot. What a dumb question to ask.
[...]
The System V.3 _System_Calls_and_Library_Routines manual states on the
chroot(2) page:
" The effective user ID of the process must be super-user to
change the root directory."
The permission mode of the SysV.3 chroot command file really only
applies to super-users, since the kernel will enforce the above.
Were chroot to be world-executable, the fact remains that your
effective ID would still have to be 0 in order to successfully
execute chroot. If chroot were owned by root, I suppose, setting
the SUID bit on the file would circumvent this safeguard.
Larry Dighera
--
USPS: The Consultants' Exchange, PO Box 12100, Santa Ana, CA 92712
TELE: (714) 842-6348: BBS (N81); (714) 842-5851: Xenix guest account (E71)
UUCP: conexch Any ACU 2400 17148425851 ogin:-""-ogin:-""-ogin: nuucp
UUCP: ...!uunet!turnkey!conexch!root || ...!trwrb!ucla-an!conexch!root
More information about the Comp.unix.wizards
mailing list