Date: Mon, 9 Sep 1996 13:26:21 -0500 From: rkw@dataplex.net (Richard Wackerbarth) To: security@freebsd.org Subject: Question about chroot Message-ID: <v02140b0bae5a10f1521b@[208.2.87.4]>
next in thread | raw e-mail | index | archive | help
In looking at some of the "make" problems, I ran up against a characteristic of "chroot" that puzzles me. In order to chroot, you must be root. Why? It appears to me than the only thing that chroot does is to restrict the "visable" tree. It does not ADD anything that is not already there. If that is the case, why wouldn't it be good enough for chroot to be suid root and allow any user to execute it? Am I overlooking some security hole?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v02140b0bae5a10f1521b>