> 	hey guys, /usr/sbin/chroot can not possibly work out.
> if it ever leaves experimental status and goes setuid in a release,
> here is what will happen:
> [ ... ]

Funny, that it exactly an example of _why_ chroot is _not_ setuid, and
why past calls to have it made setuid have been resisted.

chroot is intended for use only by root; if you make it setuid it has
exactly (or something similar to) the vulnerability you describe.


I'm sure that past discussions have been logged somewhere in the
mailing list archives...


cgd