Subject: Re: chroot(2)
To: None <tech-kern@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 10/02/1998 20:55:37
> if users can use chroot...then it follows [...]

> it seems to me that simply disabling suid executables in chrooted
> environments would work quite well against this.

Yes, it would.

> something like checking
> curproc->p_fd->fd_rdir <=> proc0->p_fd->fd_rdir would tell you if it
> was chrooted, eh?

Yes, it would.

However, if *root* did the chroot, there's no need to disable set-id.
That's why I proposed a separate state bit for the process, indicating
that it has done a non-root chroot.  (Root processes that want to
chroot and then become non-root and drop ability to set-id can do it by
doing a chroot("/") after becoming non-root.)

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
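
A userland model of the two checks discussed in the message above, added here as an illustration; it is not code from the thread or from the NetBSD kernel. The struct layout, the `user_chrooted` bit, the helper names and the jail path are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userland model only; struct, field and function names are hypothetical. */
struct vnode { const char *path; };
struct proc {
    int euid;
    const struct vnode *rdir;   /* stands in for p_fd->fd_rdir */
    bool user_chrooted;         /* proposed bit: a non-root chroot happened */
};

static const struct vnode real_root = { "/" };        /* proc0's root */
static const struct vnode jail = { "/home/u/jail" };  /* constructed path */

/* chroot open to all users; a non-root caller gets the sticky bit. */
static void model_chroot(struct proc *p, const struct vnode *newroot)
{
    p->rdir = newroot;
    if (p->euid != 0)
        p->user_chrooted = true;  /* never cleared; fork would copy it */
}

/* Quoted check: set-id honoured only when rdir equals proc0's rdir. */
static bool setid_ok_rdir(const struct proc *p) { return p->rdir == &real_root; }

/* State-bit check: set-id honoured unless a non-root chroot was done. */
static bool setid_ok_bit(const struct proc *p) { return !p->user_chrooted; }

static void show(const char *what, const struct proc *p)
{
    printf("%-30s rdir-check=%d bit-check=%d\n", what,
           setid_ok_rdir(p), setid_ok_bit(p));
}

int main(void)
{
    struct proc user = { 1000, &real_root, false };
    model_chroot(&user, &jail);
    show("user chroot(jail)", &user);

    struct proc svc = { 0, &real_root, false };
    model_chroot(&svc, &jail);
    show("root chroot(jail)", &svc);

    svc.euid = 1000;              /* become non-root */
    model_chroot(&svc, svc.rdir); /* chroot("/") resolves to the current root */
    show("then setuid + chroot(\"/\")", &svc);
    return 0;
}
```

The two checks agree for the user-initiated chroot and differ only for the root-initiated one, which is the case the state bit is meant to leave alone.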