On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson <icepic...@gmail.com> wrote:
> I don't think there is a word for "chroot back".
I don't think you read, understood, and executed the sample.
After chroot("/"), or chroot(FOO), you can't mknod(2), therefore the
description is wrong.
Once you limit yourself
> into a chroot, you are stuck in it and get special treatment until you
> exit. Apart from why mknod wants to fail inside chroots, having a simple
> syscall being able to take you out of it would defeat the whole purpose, no?
>
>
>
> 2014-06-08 4:36 GMT+02:00 Andres Perera <andre...@zoho.com>:
>
>> The description of EINVAL in mknod(2) is wrong:
>>
>> [EINVAL] The process is running within an alternate root
>> directory, as created by chroot(2).
>>
>> Even if a process chroot()s back to /, it can't create a device node.
>>
>> The program below exits with EINVAL:
>>
>> #include <sys/stat.h>
>> #include <unistd.h>
>>
>> int main() {
>> chroot("/");
>> if (mknod("/t", 0x21b6, 0x1600) == -1) /* stdin amd64 */
>> err(1, "mknod");
>> }
>>
>> On Sat, Jun 7, 2014 at 2:42 PM, Miod Vallat <m...@online.fr> wrote:
>> >> >> Is this some kind of security protection ?
>> >> >
>> >> > of course... see mknod(2).
>> >>
>> >> i read it and still does not understand.
>> >
>> > Check the description of EINVAL.
>>
>>
>
>
> --
> May the most significant bit of your life be positive.
