Subject: Re: chroot(2)
To: None <tech-kern@netbsd.org>
From: Greg A. Woods <woods@most.weird.com>
List: tech-kern
Date: 10/06/1998 00:27:25
[ On Mon, October 5, 1998 at 15:30:50 (-0400), der Mouse wrote: ]
> Subject: Re: chroot(2)
>
> This brings up another question: why do chdir and fchdir demand search
> access to the directory?  It's entirely possible for a process to not
> have search access to its cwd (if the access is removed after cwd is
> established), and this doesn't break anything.  Yet - especially when
> using fchdir and relative pathnames to simulate fd-plus-entry versions
> of calls operating on directory entries - it can be useful to chdir to
> a directory one can't search.

I think that's an accident -- i.e. that a process can have a cwd that it
doesn't have search permissions in.  Indeed it could even be considered
to be a feature.  For example if you have a traditional "restricted"
shell (i.e. one that cannot chdir to absolute paths) you can totally
lock a process in place by making both the current and parent
directories unsearchable by that process.  Of course that's not likely
going to do you much good since now that shell won't be able to do
anything but run internal commands and commands in its PATH (which are
presumably also of a restricted nature).

The machinery in the kernel that handles chdir() is not really something
I'd want to change without thinking really long and hard about it....

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
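
Added example, not part of the original message or of NetBSD's code: a C sketch of the situation discussed in this thread, where a process stays in a cwd whose search permission is removed after the cwd is established, and chdir(2)/fchdir(2) then refuse to name that same directory. The function name, flag names and the scratch path under /tmp are hypothetical; it assumes a POSIX system with a writable /tmp and an unprivileged caller (root bypasses the permission checks).

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum { CHDIR_DOT_DENIED = 1, FCHDIR_DENIED = 2, LOOKUP_DENIED = 4 };

/* Hypothetical helper (not from the thread): returns a bitmask of the
 * operations refused with EACCES once the cwd loses its search bit,
 * or -1 if setup fails. Root bypasses these checks and gets 0. */
int cwd_without_search(void)
{
    char tmpl[] = "/tmp/cwd-demo-XXXXXX";      /* constructed scratch dir */
    int result = 0;
    int home = open(".", O_RDONLY);            /* way back to the old cwd */
    char *dir = mkdtemp(tmpl);
    if (home < 0 || dir == NULL)
        return -1;
    int dfd = open(dir, O_RDONLY);             /* fd taken while access is intact */
    if (dfd < 0 || chdir(dir) != 0)
        return -1;
    int f = open("entry", O_CREAT | O_WRONLY, 0600);
    if (f >= 0)
        close(f);
    if (chmod(dir, 0) != 0)                    /* remove access after cwd is set */
        return -1;
    /* The process is still "in" dir, but every way of naming it is refused. */
    if (chdir(".") != 0 && errno == EACCES)
        result |= CHDIR_DOT_DENIED;
    if (fchdir(dfd) != 0 && errno == EACCES)
        result |= FCHDIR_DENIED;
    if (access("entry", F_OK) != 0 && errno == EACCES)
        result |= LOOKUP_DENIED;
    /* Clean up: the owner can always chmod its own directory back. */
    if (chmod(dir, 0700) != 0 || unlink("entry") != 0 || fchdir(home) != 0)
        result = -1;
    rmdir(dir);
    close(dfd);
    close(home);
    return result;
}

int main(void)
{
    printf("denied mask: %d\n", cwd_without_search());
    return 0;
}
```

A result of 7 means all three operations were refused while the process's cwd itself stayed in place.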