Date: Fri, 5 Mar 2021 11:06:01 -0600 From: Kyle Evans <kevans@freebsd.org> To: Jamie Gritton <jamie@freebsd.org> Cc: src-committers <src-committers@freebsd.org>, "<dev-commits-src-all@freebsd.org>" <dev-commits-src-all@freebsd.org>, dev-commits-src-main@freebsd.org, jails@freebsd.org Subject: Re: git: d4380c0cdd05 - main - jail: Change both root and working directories in jail_attach(2) Message-ID: <CACNAnaG=S68qgNxJ3M79n7aaOL2_kfit-1acxz6Ap5H1FT7c2Q@mail.gmail.com> In-Reply-To: <202102192213.11JMDoiL080275@gitrepo.freebsd.org> References: <202102192213.11JMDoiL080275@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Feb 19, 2021 at 4:13 PM Jamie Gritton <jamie@freebsd.org> wrote: > > The branch main has been updated by jamie: > > URL: https://cgit.FreeBSD.org/src/commit/?id=d4380c0cdd0517dc038403dd5c99242ce78bdeb5 > > commit d4380c0cdd0517dc038403dd5c99242ce78bdeb5 > Author: Jamie Gritton <jamie@FreeBSD.org> > AuthorDate: 2021-02-19 22:13:35 +0000 > Commit: Jamie Gritton <jamie@FreeBSD.org> > CommitDate: 2021-02-19 22:13:35 +0000 > > jail: Change both root and working directories in jail_attach(2) > > jail_attach(2) performs an internal chroot operation, leaving it up to > the calling process to assure the working directory is inside the jail. > > Add a matching internal chdir operation to the jail's root. Also > ignore kern.chroot_allow_open_directories, and always disallow the > operation if there are any directory descriptors open. > Any reason we shouldn't go ahead and drop the explicit chdir() from jexec(8) and jail(8) now that jail_attach *is* guaranteed to chdir along with its chroot? Thanks, Kyle Evans
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACNAnaG=S68qgNxJ3M79n7aaOL2_kfit-1acxz6Ap5H1FT7c2Q>