Subject: Re: chroot jail for ftpd
To: None <>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-kern
Date: 10/18/2001 15:11:26
>Right, I know that one ... attached is a patch which should fix it.

thanks. You the man.

I was acutlally wondering about hacking ld.{elf_}so  -- or wherever
LD_PRELOAD and LD_LIBRARY_PATH are acutally implemented; <dlfcn.h>? --
to check each element of a path and check for crossing over mountpoints
which are mounted noexec, and skipping those search-paths altogether.

Not to close the security loophole -- we agree on the right place for
that -- but to give cleaner semantics to anyone fishing for loopholes.