On Thu, 20 Sep 2007 15:37:54 +0200
Jan Danielsson <jan.m.danielsson@gmail.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> Martin Husemann wrote:
> >> Oh.  That device's aliased outside the chroot, too, in the
> >> original /dev. And init might have a reference to it, too, if it's
> >> the console.
> > 
> > Does login in via ssh and exiting cause the same changes? 
> 
>    No.
> 
>    Does this mean anything to you guys? As in "Now try to ...".

As others have noted, when you log in on the console you're using file
devices that are on a different device, one opened by init before the
chroot.  That may be an important clue, though I won't speculate on
what it signifies.

One related question: are you using ptyfs?


		--Steve Bellovin, http://www.cs.columbia.edu/~smb