On Thu, Nov 16, 2000 at 03:07:04PM +0100, Matthias Andree wrote:
> It shows a program that saves the cwd -- open(".",...) in an open file,
> then chroots [..]
This is known behaviour (I know Alan knows about it too), solution is to close
open directories filedescriptors before chrooting.
Everything that happens before chroot(2) is trusted, so it's secure to rely
on it to close directories first.
If this is not well documented and people doesn't know about it and so they
writes unsafe code that's another issue...
Andrea
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
