Re: ptyfs and chroot environments

To: netbsd-users%netbsd.org@localhost
Subject: Re: ptyfs and chroot environments
From: christos%astron.com@localhost (Christos Zoulas)
Date: Thu, 1 Apr 2010 21:04:13 +0000 (UTC)

In article <240b76ae277773d149a930ffa648fcd8.squirrel%www.duzan.org@localhost>,
 <gary%duzan.org@localhost> wrote:
>=> On Apr 1,  3:55pm, gary%duzan.org@localhost (gary%duzan.org@localhost) 
>wrote:
>=> -- Subject: Re: ptyfs and chroot environments
>=>
>=> | => It needs to be adapted, but it is a non trivial amount of work.
>=> |
>=> |    Just a random idea: would a null mount of /dev/pts into the chroot
>=> | work? (I don't have it set up at the moment to test it.)
>=>
>=> This is not ideal because it will expose ptys from outside the chroot to
>=> the chroot.
>
>   Yeah, naturally I thought of that after I sent it. It does seem like
>something fairly custom would need to be done for this to work and be
>(relatively) secure. Still, if you absolutely need ptyfs to work,
>depending on the the situation it might be worth the security hit.

I just added a Google SoC entry for multiple ptyfs mounts. If someone takes
it, I'll mentor it.

christos

References:
- Re: ptyfs and chroot environments
  - From: Christos Zoulas
- Re: ptyfs and chroot environments
  - From: gary

Prev by Date: Re: ptyfs and chroot environments
Next by Date: Re: Problem with gpt partitioning in NetBSD-5.0.2 amd64
Previous by Thread: Re: ptyfs and chroot environments
Next by Thread: Re: ptyfs and chroot environments
Indexes:

Home | Main Index | Thread Index | Old Index