Subject: Re: chroot(2)
To: None <firstname.lastname@example.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 10/04/1998 08:47:40
> I still like the idea of being able to dissable syscalls for a
> process and its children.
This could be useful, though it can also be dangerous, especially when
a new syscall gets added (e.g., pread/pwrite - if you, the application
author, have disabled read/write, how are you to know that you now need
to disable pread/pwrite as well?) or renamed (consider versioning).
> I think it would be worthwhile though to avoid limiting the feature
> to non-root chroot(2)'d processes.
Heh. I don't think I ever suggested blanket forbidding certain
syscalls to non-root-chroot()ed processes. I suggested suppressing
set-id bits (which when not suppressed would be used by exec*(), but I
don't suggest disabling exec*()) and I suggested disabling chdir/fchdir
when the to-be-changed-to directory is not under the process's root
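As an added illustration of the chdir/fchdir rule proposed in the message above, here is a userland model of the check (example code written for this page, not NetBSD kernel code): a target is accepted only if the directory it resolves to lies at or below the process's root. The directory layout it builds is constructed for the demo.

```python
import os
import tempfile


def chdir_allowed(proc_root: str, target: str) -> bool:
    """Accept a chdir/fchdir target only if it resolves to a directory
    at or below proc_root.  Both sides go through realpath first so
    that symlinks and '..' are followed before the containment test:
    a path can look like it is inside the root while the directory it
    actually names is not.  commonpath (rather than startswith) avoids
    treating /jail2 as being under /jail."""
    root = os.path.realpath(proc_root)
    dest = os.path.realpath(target)
    try:
        return os.path.commonpath([root, dest]) == root
    except ValueError:  # no common prefix at all (e.g. different drives)
        return False


def demo() -> dict:
    """Constructed layout for the demo (not from the original thread):
       <tmp>/root/inside            ordinary subdirectory of the root
       <tmp>/outside                directory outside the root
       <tmp>/root/escape -> <tmp>/outside   symlink planted inside root
    Returns the verdict for each candidate chdir target."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "root")
        inside = os.path.join(root, "inside")
        outside = os.path.join(tmp, "outside")
        link = os.path.join(root, "escape")
        os.makedirs(inside)
        os.makedirs(outside)
        os.symlink(outside, link)
        return {
            "inside": chdir_allowed(root, inside),
            "root itself": chdir_allowed(root, root),
            "dotdot back into root": chdir_allowed(root, os.path.join(inside, "..")),
            "dotdot past root": chdir_allowed(root, os.path.join(root, "..")),
            "symlink to outside": chdir_allowed(root, link),
            "outside": chdir_allowed(root, outside),
        }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:24s} {'allowed' if ok else 'refused'}")
```

The symlink case is the one a textual prefix check gets wrong; resolving before comparing is what makes the rule hold.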