tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: core statement on fexecve, O_EXEC, and O_SEARCH

    Date:        Wed, 5 Dec 2012 03:02:09 +0000
    From:        "Roland C. Dowdeswell" <>
    Message-ID:  <>

  | Let's not lose sight of the fact that chroot can most certainly
  | compromise security if used improperly

Yes, of course, there can be security issues with almost everything,
and with this more than many - I wasn't intending to say that seurity
can be ignored when using chroot (it is a root only facility for good
reason, and should be used with as much care as any other root only
facility), just that if we stop seeing it as a security solution, then
when other things are being considered, we can stop worrying whether
or not they defeat chroot's "security solution" or not.


Home | Main Index | Thread Index | Old Index