On Mon, Aug 27, 2007 at 10:33:06AM +0200, Joachim K?nig wrote:
> David Laight wrote:
> >Isn't it enough to disable such an env variable for suid programs ?
> >Since a user can get the same effect by other means if allowed to write
> >to the program file.
> >  
> If a user could select an emulation root without restrictions it would 
> be very similar to a chroot call (restricted to the emulated binaries).

Actually it is nearer to an overlay mount of the emulation root over /.

	David

-- 
David Laight: david@l8s.co.uk