Date:      Sun, 27 Sep 2020 17:20:41 -0500
From:      Kyle Evans <kevans@freebsd.org>
To:        Yuri <yuri@rawbw.com>
Cc:        Warner Losh <imp@bsdimp.com>, Freebsd hackers list <freebsd-hackers@freebsd.org>
Subject:   Re: Is it possible to exit the chroot(2) environment?
Message-ID:  <CACNAnaHOWej5XGE4kDgAW_Mo-OR3CDKcFRm3%2Bj6VF=d6_d5qpg@mail.gmail.com>
In-Reply-To: <3d17ea59-0e85-4e33-f426-deec99f07b83@rawbw.com>
References:  <b6412618-02ec-1dbd-f474-b4412d7b774b@rawbw.com> <CANCZdfqJ14-Cpvi9%2Bd%2BHRgWbHk7vDUNNOKLUVOC9iBUqZKX=Pw@mail.gmail.com> <CACNAnaFVg2yZnWbfC=MmPfQ==XZYssHFuz%2BCjz%2B67TkZ108qRA@mail.gmail.com> <CACNAnaF-psLeTzwk=HygP4ESEynRyR-m62T1FAjw=ON6J2PVTg@mail.gmail.com> <a488f94a-6efc-27f3-d0a4-489f6f99772d@rawbw.com> <CACNAnaG_u1aVRJpKeb9n0rK4UqRRZDGBt7i=iRtPf-7kxqYQBw@mail.gmail.com> <9fa46833-63c2-a77f-98dd-111f6502dc74@rawbw.com> <CACNAnaFqtpDkd76Z3vAUMcCMwTpMyfy91NPyufeVd%2B8UAqZHKQ@mail.gmail.com> <CANCZdfrzCuR4W-JzoFPyW6WCwVJGwQfuesjmCBMRMSnvfXdv7Q@mail.gmail.com> <CACNAnaGgk6NoxD3kXGpbtAZk%2Bbc%2B2XVc%2B1sO06QU1e%2BKp9CZwQ@mail.gmail.com> <3d17ea59-0e85-4e33-f426-deec99f07b83@rawbw.com>

On Sun, Sep 27, 2020 at 4:37 PM Yuri <yuri@rawbw.com> wrote:
>
> On 2020-09-27 13:25, Kyle Evans wrote:
> > +1. I think an additional sentence pointing out that that's the
> > traditional behavior would outline that this is perhaps what's needed,
> > maybe with a specific EPERM reference.
>
>
> The fact that chroot(".") undoes the previous chroot(...) call should
> also be documented, IMO. The current chroot(2) man page doesn't mention
> this.
>

The problem is that chroot(".") is not a sure-fire way to escape the
chroot. It's not that simple; it only works because your working
directory is still outside.

> Also chroot apparently preserves the current working directory for the
> purpose of chroot("."), but not for other purposes.
>

chroot never changes the working directory for any purpose; this is
one of the well-understood flaws of the syscall. It's not preserving
anything specifically for chroot("."), and in fact you'll find that
"." in other syscalls (e.g. stat) is consistent with what you're
seeing here.

> What if chdir(2) with the same string $OLD_WD is called in the chroot
> environment with root in $ROOT_DIR, i.e. chroot($OLD_WD), and it
> succeeds because there happens to be a directory with the same path
> $OLD_WD in the chroot environment too, i.e. $CHROOT_DIR$OLD_WD is a
> valid directory. Would chroot(".") then change root back to the original
> directory $OLD_WD, or it would change it deeper into the root
> environment directory: $CHROOT_DIR$OLD_WD ?
>
> All this makes for a complex and potentially confusing behavior, which
> should be documented, IMO.
>

chroot would demonstrate the same consistency here. chroot does not
change your working directory, so it doesn't matter how many times you
chroot as long as you don't chdir to some name that resolves within
the chroot.
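
Added example, not part of the original message and not FreeBSD code: a check a daemon can run after chroot(2) to confirm its working directory was not left outside the new root, using the fact stated above that "." stays consistent across syscalls such as stat. The names cwd_within_root and enter_chroot are hypothetical.

```c
#define _DEFAULT_SOURCE          /* for chroot(2) on glibc; harmless elsewhere */
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

static int same_dir(const struct stat *a, const struct stat *b)
{
    return a->st_dev == b->st_dev && a->st_ino == b->st_ino;
}

/* 1: "." is at or below "/"; 0: "." is outside the process root; -1: error. */
int cwd_within_root(void)
{
    char path[PATH_MAX] = ".";
    size_t len = 1;
    struct stat root, cur, parent;

    if (stat("/", &root) == -1 || stat(path, &cur) == -1)
        return -1;
    for (;;) {
        if (same_dir(&cur, &root))
            return 1;
        if (len + 4 > sizeof(path))
            return -1;
        memcpy(path + len, "/..", 4);   /* climb one level: ./.. then ./../.. */
        len += 3;
        if (stat(path, &parent) == -1)
            return -1;
        if (same_dir(&parent, &cur))    /* ".." is ".": a root that is not ours */
            return 0;
        cur = parent;
    }
}

/* Hypothetical helper: move into dir first, so chroot(".") leaves cwd at the new root. */
int enter_chroot(const char *dir)
{
    if (chdir(dir) == -1 || chroot(".") == -1)
        return -1;
    return cwd_within_root() == 1 ? 0 : -1;
}

int main(void)
{
    printf("cwd within root: %d\n", cwd_within_root());
    return 0;
}
```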


