Date: Thu, 04 Oct 2001 17:32:16 -0600 From: "Thierry Black" <thierryblack@hotmail.com> To: freebsd-hackers@freebsd.org Subject: chroot Message-ID: <F5avN3qljWwY0VnkB4l000048bc@hotmail.com>
next in thread | raw e-mail | index | archive | help
<html><div style='background-color:'><DIV>hello...</DIV> <DIV> </DIV> <DIV>I am writing one simple network server, and can make the daemon and network code work ok, but I want my server to chroot during the initialization. The problem is this server by design is designed to be installed and run by normal users, and chroot() can only be called by superuser. Because normal users might compile & install it, the server cant be made suid root. (I know normal procedure is to run as root, chroot and drop privileges, but that wont work).</DIV> <DIV> </DIV> <DIV>I have 2 questions:</DIV> <DIV>Why can superuser only use chroot()? (What if normal users could only chroot() to directories in current chroot() environment?)</DIV> <DIV> </DIV> <DIV>Is there anything I can do to restrict directory acacess in my program, or simulate chroot in some other way?</DIV> <DIV> </DIV> <DIV>If possible I want my solution to work on otehr bsd platforms as much as possible too.</DIV> <DIV> </DIV> <DIV>thank you</DIV> <DIV> </DIV> <DIV> </DIV> <DIV> </DIV> <DIV>thierry</DIV> <DIV> </DIV></div><br clear=all><hr>Get your FREE download of MSN Explorer at <a href='http://go.msn.com/bql/hmtag_itl_EN.asp'>http://explorer.msn.com</a><br></html>; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F5avN3qljWwY0VnkB4l000048bc>