Subject: Re: openat(2) and friends
To: Steinar Hamre <steinarh@pvv.ntnu.no>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 03/09/2005 08:38:57

On Wed, Mar 09, 2005 at 10:18:25AM +0100, Steinar Hamre wrote:
> Steinar Hamre <steinarh@pvv.ntnu.no> writes:
>
> > 2. rename() of directories inside the chroot to the outside. (worse)
> >    (collaborator on the outside "needed".)
>
> Hmm... I can't see how the current scheme; the checks in fchdir(2) and
> fchroot(2), denies this. Consider:

They don't. The check in lookup for '..' does that. These checks add
further protection to make sure a file descriptor outside of the cage
doesn't turn into a back-door out.

Take care,

Bill
