Subject: Re: chroot() behaviour? (was Re: tar ignores filenames that contain
To: Andrew Brown <atatat@atatdot.net>
From: Greywolf <greywolf@starwolf.com>
List: tech-pkg
Date: 10/31/2002 11:31:57
On Thu, 31 Oct 2002, Andrew Brown wrote:
# >What if chroot() were to create/cause exec semantics such that, if not
# >called by a super-user, setuid/setgid would be ignored?
#
# that would be...almost pointless, no?
D'oh. Sorry. I was about to say "no, not really", and I still think this
might actually be useful, if a bit crippling...
# i mean, if the binary weren't
# setuid *at all*, then root could still switch to the appropriate
# uid/gid...
Gah. In my efforts toward thinking about security, were I to actually
implement it, I would have just removed some necessary functionality...
--*greywolf;
--
NetBSD: The Power of Code.