tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Relax the prohibition of usage fchdir(2) to quit a chroot



On Sep 21, 2014, at 9:14 AM, Manuel Bouyer <bouyer%antioche.eu.org@localhost> wrote:

> On Sun, Sep 21, 2014 at 04:28:37AM -0700, Paul Goyette wrote:
>> IMHO, we should not implement this "feature".  We should not introduce ways
>> to avoid deliberate, well-thought-out security mechanisms.
>> 
>> The use-case itself is broken, in my opinion.
> 
> Strongly seconded.

fork() adequately solves this problem for the use case that was put forward. There’s no need to go breaking things.

Warner

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail



Home | Main Index | Thread Index | Old Index