Date: Mon, 24 Feb 1997 10:28:40 -0700 (MST) From: Terry Lambert <terry@lambert.org> To: proff@iq.org (Julian Assange) Cc: phk@critter.dk.tfs.com, hackers@freebsd.org, security@freebsd.org Subject: Re: o [1997/02/01] bin/2634 rtld patches for easy creation of chroot enviroments Message-ID: <199702241728.KAA24627@phaeton.artisoft.com> In-Reply-To: <199702241328.AAA10815@profane.iq.org> from "Julian Assange" at Feb 25, 97 00:28:33 am
next in thread | previous in thread | raw e-mail | index | archive | help
> The primary reason chroot() is rarely used is because it is painful > to use. LD_CHROOT makes it very, very easy to use. That said, I > have absolutely no doubt chroot() is used more than LD_LIBRARY_PATH, > LD_PRELOAD, LD_IGNORE_MISSING_OBJECTS, LD_TRACE_LOADED_OBJECTS, > LD_BIND_NOW, LD_SUPPRESS_WARNINGS and LD_WARN_NON_PURE_CODE put > together. The chroot/shared library interaction is the only painful element in using chroot(). This should be "fixed" with a loopback mount, rather than by the granting of a path lookup exception. In general, the use of a NULL chroot vp in a proc struct to indicate a non-chroot'ed process to namei(), is a bad thing. This special case code should go (and if it did, so would LD_CHROOT's utility). This would leave each process running on its own root vnode, effectively, and by default that vnode would be the real root. To resolve the mount covering FS geometry change update problem (which is *NOT* resolved in the chroot case currently, and is kludge-resolved in the non-chrooted process by reevaluation of the root vnode in the case of a NULL chroot vnode), you would need to use a vnode pointer pointer for the chroot vnode, and an addref/release mechanism for the pointer pointer reference to the pointer so that a placeholder vnode that wasn't a mount point could be freed when its last reference went away. Regards, Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702241728.KAA24627>