From owner-freebsd-hackers  Wed May 28 21:41:42 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id VAA23852
          for hackers-outgoing; Wed, 28 May 1997 21:41:42 -0700 (PDT)
Received: from phoenix.its.rpi.edu (dec@phoenix.its.rpi.edu [128.113.161.45])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA23847
          for <hackers@FreeBSD.ORG>; Wed, 28 May 1997 21:41:35 -0700 (PDT)
Received: from localhost (dec@localhost)
	by phoenix.its.rpi.edu (8.8.5/8.8.5) with SMTP id AAA08549;
	Thu, 29 May 1997 00:41:44 -0400 (EDT)
Date: Thu, 29 May 1997 00:41:43 -0400 (EDT)
From: "David E. Cross" <dec@phoenix.its.rpi.edu>
To: Warner Losh <imp@village.org>
cc: Peter Korsten <peter@grendel.IAEhv.nl>, Jaye Mathisen <mrcpu@cdsnet.net>,
        hackers@FreeBSD.ORG
Subject: Re: Correct way to chroot for shell account users? 
In-Reply-To: <E0wWwU6-000283-00@rover.village.org>
Message-ID: <Pine.BSF.3.95q.970529004028.7640A-100000@phoenix.its.rpi.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Could someone give me some simple details of how to break out of a chroot
'jail' (without relying on kernfs or raw devices), I have heard of this
before, but no one has given me a theory or code of how to do it.

(Just curious)
David Cross