Subject: Re: tar ignores filenames that contain `..'
To: David Laight <>
From: Bill Studenmund <>
List: tech-security
Date: 10/31/2002 10:23:32
On Thu, 31 Oct 2002, David Laight wrote:

> Actually netbsd chroot seems to have fixed the easy escape,
> can fchroot be used instead:
> 	fd = open("/",..);
> 	chroot(path);
> 	....
> 	fchroot(fd);

I believe that one workes, but you had to be able to open fd. What does
not work is passing a directory in. Thus if you didn't open fd before the
chroot, you can't get out.

If you opened fd before the chroot, well, you were silly.

Take care,