Subject: Re: chroot & null mount?
To: None <netbsd-users@NetBSD.org>
From: Peter Bex <Peter.Bex@xs4all.nl>
List: netbsd-users
Date: 08/22/2007 21:05:50
--8CNmCRe8Sh4keFKJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Aug 22, 2007 at 11:43:58AM -0700, James Hartley wrote:
> Sweet!  Is null mounting /tmp a bad idea?

What's the use of that?
You can do it, but remember that there are ways to exploit programs that
use mktemp instead of mkstemp, for example.

> And for a last lame question, where should I be putting chrooted
> directories?  hier(7) doesn't quite address this.

/var/chroot is the common place to put them, afaik.

> Thank you again.  This discussion has been very educational.

You're welcome.

Regards,
Peter
--=20
http://sjamaan.ath.cx
--
"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
							-- Donald Knuth

--8CNmCRe8Sh4keFKJ
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)

iQEVAwUBRsyJDdOrBFwYag3gAQL/4gf+KNcklQF7YGTz14RWK1nRwkgrDl010M5Y
o8zRB62spf4y8hlDvRO6Cf3XjSYX+YRn5R4zxnvIizaVgcNcy/ZTDCStaIsdmk2i
s3JME+dolY2UyoHWgkhwaRQvBNBjEZfhp/MWjh82+pV+uet2T2kOWr3UgtViS5Nc
ovntKiW8nSgBtZWwdzFYmuE2gLGzaNSE0WSbh0iLlndKoklPoj1euyZWcrgDWHNt
5+65JBR+q+gitMQPovZwo7bniP6Ph2Uu6A+axl3YBhw3UalYYmD/+q7DJzYKgPdI
HvnFmQWYIJPZaQc5vnBYWoVpQj/KrSHK2fxcOU43yuE0RtaToKfarQ==
=vPfQ
-----END PGP SIGNATURE-----

--8CNmCRe8Sh4keFKJ--