NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: ptyfs and chroot environments
In article <240b76ae277773d149a930ffa648fcd8.squirrel%www.duzan.org@localhost>,
<gary%duzan.org@localhost> wrote:
>=> On Apr 1, 3:55pm, gary%duzan.org@localhost (gary%duzan.org@localhost)
>wrote:
>=> -- Subject: Re: ptyfs and chroot environments
>=>
>=> | => It needs to be adapted, but it is a non trivial amount of work.
>=> |
>=> | Just a random idea: would a null mount of /dev/pts into the chroot
>=> | work? (I don't have it set up at the moment to test it.)
>=>
>=> This is not ideal because it will expose ptys from outside the chroot to
>=> the chroot.
>
> Yeah, naturally I thought of that after I sent it. It does seem like
>something fairly custom would need to be done for this to work and be
>(relatively) secure. Still, if you absolutely need ptyfs to work,
>depending on the the situation it might be worth the security hit.
I just added a Google SoC entry for multiple ptyfs mounts. If someone takes
it, I'll mentor it.
christos
Home |
Main Index |
Thread Index |
Old Index