Subject: Re: chroot(2)
To: None <mouse@Rodents.Montreal.QC.CA>
From: John Kohl <jtk@kolvir.arlington.ma.us>
List: tech-kern
Date: 10/05/1998 12:59:35
>>>>> "dM" == der Mouse <mouse@Rodents.Montreal.QC.CA> writes:
dM> chroot(8)'s spec is that it chroot(2)s (and chdir()s) and then execs.
dM> Since exec fundamentally depends on pathnames, and pathname
dM> interpretation has been changed (that's the whole point!), the
dM> executable must perforce be in the new root.
I was thinking about related issues earlier. For orthogonality, it
might be convenient to have an "fexec" syscall that gets the text vnode
from a file descriptor-reference.
For instance, this would allow "passing dinner" (an executable not
present in the jail) to a prisoner in a chroot jail, via a file
descriptor passing "jail-keeper" process.
--
==John Kohl <jtk@kolvir.arlington.ma.us>, <john_kohl@alum.mit.edu>
Write a poem, share your heart!
Home page: <URL:http://people.ne.mediaone.net/jtk/>
Note new home zip code as of July 1, 1998: 02476