Subject: Re: tar ignores filenames that contain `..'
To: David Laight <david@l8s.co.uk>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-security
Date: 10/31/2002 10:23:32
On Thu, 31 Oct 2002, David Laight wrote:
> Actually netbsd chroot seems to have fixed the easy escape,
> can fchroot be used instead:
> fd = open("/",..);
> chroot(path);
> ....
> fchroot(fd);
I believe that one workes, but you had to be able to open fd. What does
not work is passing a directory in. Thus if you didn't open fd before the
chroot, you can't get out.
If you opened fd before the chroot, well, you were silly.
Take care,
Bill