On 10/03/2021 20:33, Jann Horn wrote:
> On Wed, Mar 10, 2021 at 8:23 PM Eric W. Biederman
> wrote:
>>
>> Mickaël Salaün writes:
>>
>>> From: Mickaël Salaün
>>>
>>> Being able to easily change root directories enable to ease some
>>> development workflow and can be used as a tool to strengthen
From: Eric W. Biederman
> Sent: 10 March 2021 19:24
...
> The actual classic chroot escape is.
> chdir("/");
> chroot("/somedir");
> chdir("../../../..");
That one is easily checked.
I thought something like:
chroot("/somedir");
chdir("/somepath");
Friendly process:
mvdir("/somedir/some_path", "
On Wed, Mar 10, 2021 at 8:23 PM Eric W. Biederman wrote:
>
> Mickaël Salaün writes:
>
> > From: Mickaël Salaün
> >
> > Being able to easily change root directories enable to ease some
> > development workflow and can be used as a tool to strengthen
> > unprivileged security sandboxes. chroot(2)
Mickaël Salaün writes:
> From: Mickaël Salaün
>
> Being able to easily change root directories enable to ease some
> development workflow and can be used as a tool to strengthen
> unprivileged security sandboxes. chroot(2) is not an access-control
> mechanism per se, but it can be used to limit
4 matches
Mail list logo
