Subject: Re: chroot(2)
To: None <firstname.lastname@example.org>
From: Greg A. Woods <email@example.com>
Date: 10/02/1998 21:03:29
[ On Fri, October 2, 1998 at 09:11:32 (-0700), Eduardo E. Horvath wrote: ]
> Subject: Re: chroot(2)
> OTOH, these changes will prevent the OS from virtualizing itself since
> the root -> user -> root transition would be disallowed. Is reaquiring
> root privilege safe under the present scheme?
Allowing a setuid-root process to reacquire its effective ID after
becoming somone else is *never* "safe". Period. End of discussion. It
breaks the basic tennant of Unix super-user and setuid design: the only
way a process can (re)gain privilege is to exec a setuid binary.
Greg A. Woods
+1 416 218-0098 VE3TCP <firstname.lastname@example.org> <robohack!woods>
Planix, Inc. <email@example.com>; Secrets of the Weird <firstname.lastname@example.org>