On Thu, 12 Feb 2015 23:41:18 +0530, noyb noybee said: > On Thu, Feb 12, 2015 at 3:44 AM, <valdis.kletni...@vt.edu> wrote:
> > How about you concentrate on "how were they able to access files outside > > the chroot in the first place"? > So, closing all open file descriptors that are outside the new root > directory + changing the CWD + blocking any mounts. That's a good start. Now, for bonus points - explain why you wanted something inside a chroot to be able to access something outside the chroot. (Hint - why can't you just bind-mount it into the chroot hierarchy before launching the chroot'ed program?)
pgpap7EJBbfSB.pgp
Description: PGP signature
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies