Date: Mon, 9 Sep 1996 13:26:21 -0500 From: rkw@dataplex.net (Richard Wackerbarth) To: security@freebsd.org Subject: Question about chroot Message-ID: <v02140b0bae5a10f1521b@[208.2.87.4]>
index | next in thread | raw e-mail
In looking at some of the "make" problems, I ran up against a characteristic of "chroot" that puzzles me. In order to chroot, you must be root. Why? It appears to me than the only thing that chroot does is to restrict the "visable" tree. It does not ADD anything that is not already there. If that is the case, why wouldn't it be good enough for chroot to be suid root and allow any user to execute it? Am I overlooking some security hole?home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v02140b0bae5a10f1521b>