From owner-freebsd-hackers  Thu May 29 16:04:35 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id QAA14728
          for hackers-outgoing; Thu, 29 May 1997 16:04:35 -0700 (PDT)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.8.15.25])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA14717
          for <hackers@FreeBSD.ORG>; Thu, 29 May 1997 16:04:28 -0700 (PDT)
Received: (from danny@localhost)
	by panda.hilink.com.au (8.8.5/8.8.5) id JAA11760;
	Fri, 30 May 1997 09:03:54 +1000 (EST)
Date: Fri, 30 May 1997 09:03:53 +1000 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Bob Bishop <rb@gid.co.uk>
cc: hackers@FreeBSD.ORG
Subject: Re: Correct way to chroot for shell account users?
In-Reply-To: <l03020900afb38f29f0df@[194.32.164.2]>
Message-ID: <Pine.BSF.3.91.970530090251.14689q-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk



On Thu, 29 May 1997, Bob Bishop wrote:

> I'm sure I'm being desperately naive here, but isn't it sufficient for
> safety to make chroot(2) a successful no-op unless / is really / (ie the
> process isn't chrooted already)?

That means that you can't run anon ftp properly in a chrooted file system, 
because ftpd is not allowed to chroot again. 

/*  Daniel O'Callaghan                                                     */
/*  HiLink Internet <http://www.hilink.com.au/>       danny@hilink.com.au  */
/*  FreeBSD - works hard, plays hard...                 danny@freebsd.org  */