On Sat, Sep 23, 2006 at 07:18:38PM +0300, guy keren wrote:

> > foo / # chroot /chroot /bin/bash
> > bash-3.1# ./bar
> > foo / # ls
> > bin  boot  chroot  dev  etc  home  lib  lost+found  mnt  opt  proc  root  sbin  sys  tmp  usr  var
> > foo / #
> 
> your program is flawed, and you didn't see it because you didn't check
> any errors in it, neither have you read the man page of 'chroot(2)'.
> 
> according to the man page, chroot does NOT change the directory. you
> need to change it explicitly in your code. so your program did not
> create the so-called "root jail" properly. if you had added a 'chdir'
> into the new directory, and then did 'chroot "."', then you'd have done
> your job (more) properly.

Sigh.  His program didn't create a chroot() jail, IT WAS BREAKING OUT OF
ONE.  Precisely as described in the chroot(2) manual page.  Chroot jails
are not safe against root.

> if you add error printings to your code, you'll see that your last execl
> fails with 'no such file or directory'.

Huh?  He showed you the output of his program.
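
The two points argued above (chroot(2) does not change the working directory, and a jail does not hold a process that is still root), shown as an added example that is not code from this thread: a jail setup in C that checks every call and drops root before running anything. The path /chroot comes from the transcript; the function name enter_jail and the uid/gid 65534 are assumptions.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* exposes chroot() and setgroups() in glibc */
#endif
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Enter a chroot jail and give up root for good.
 * Returns NULL on success, or the name of the step that failed
 * (errno describes why). enter_jail is a hypothetical helper name. */
const char *enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    /* A jailed process that keeps uid 0 can leave the jail again. */
    if (uid == 0 || gid == 0)    { errno = EINVAL; return "refusing to stay root"; }
    /* chroot(2) does not move the working directory: go there first. */
    if (chdir(dir) != 0)         return "chdir";
    if (chroot(".") != 0)        return "chroot";
    if (chdir("/") != 0)         return "chdir /";
    /* Drop supplementary groups, then gid, then uid (order matters:
     * after setuid() the process may no longer change its groups). */
    if (setgroups(0, NULL) != 0) return "setgroups";
    if (setgid(gid) != 0)        return "setgid";
    if (setuid(uid) != 0)        return "setuid";
    /* Confirm the drop cannot be undone. */
    if (setuid(0) == 0)          { errno = EPERM; return "root regained"; }
    return NULL;
}

int main(int argc, char **argv)
{
    /* Constructed defaults: jail at /chroot, unprivileged uid/gid 65534. */
    const char *dir = argc > 1 ? argv[1] : "/chroot";
    const char *step = enter_jail(dir, 65534, 65534);
    if (step != NULL) {
        fprintf(stderr, "%s: %s\n", step, strerror(errno));
        return 1;
    }
    execl("/bin/sh", "sh", (char *)NULL);   /* path is resolved inside the jail */
    perror("execl");
    return 1;
}
```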

