Re: Not enough info, so no point

On 06/03/11 09:46, n2xssvv.g02gfr12930 wrote:
> On 06/03/2011 05:09 PM, Sam Varshavchik wrote:
>> JD writes:
>>
>>> A user process (such as yum), even with root privs,
>>> CANNOT JUMP OUT OF THE BOUNDARIES OF ITS ROOT,
>>> NAMELY (for example) /mnt/f15
>> Umm, that's not true. The chroot(2) man page has a nice explanation of
>> how a root userid can trivially escape a chroot jail.
>>
>>> So there is no danger that yum executed within a chrooted environment
>>> will affect the enclosing host's yum database (in this case F14).
>> Nope, that's definitely possible.
>>
> My caution may be well founded, so I will have to do some experimenting
> first.
>
> Thanks for the feedback folks.
>
No it is NOT.
We are not asking you to write a program that uses
chroot(2) system call and then do something as the man page
for the system call depicts, compile it and run it.

The chroot(1) user command does not make such exploits
at all and has been safely used to put processes in jail for
many many years. AFAIK no one has shown that chroot(1)
command allows the subsequently forked and chrooted shell
and its children (user commands like yum)
to jump out of the boundaries of jail (in your case /mnt/f15).

This is the problem with listening to such posts as from
the OP who posted the message about chroot(2).

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
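
The disagreement in this thread turns on whether the jailed process keeps root privileges: chroot(2) states that only a process holding CAP_SYS_CHROOT may call chroot(). As an added example (not part of the original message), this host-side check reports whether a process confined to a directory such as /mnt/f15 still holds that capability; the function names and the sample status text are constructed for illustration.

```python
import os

CAP_SYS_CHROOT = 18  # bit number from <linux/capability.h>

def parse_status(text):
    """Extract effective uid and effective capability mask from status text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return {
        "euid": int(fields["Uid"].split()[1]),  # order: real, effective, saved, fs
        "cap_eff": int(fields["CapEff"], 16),   # hex bitmask
    }

def audit(status_text, root_link):
    """Classify a process from its status text and its /proc/<pid>/root target."""
    info = parse_status(status_text)
    if root_link == "/":
        return "not chrooted"
    if (info["cap_eff"] >> CAP_SYS_CHROOT) & 1:
        return "chrooted, still holds CAP_SYS_CHROOT"
    if info["euid"] == 0:
        return "chrooted, euid 0 with CAP_SYS_CHROOT dropped"
    return "chrooted, unprivileged"

def audit_pid(pid):
    """Live check run on the host; needs permission to read /proc/<pid>/root."""
    with open(f"/proc/{pid}/status") as fh:
        return audit(fh.read(), os.readlink(f"/proc/{pid}/root"))

# Constructed samples (not captured from a real system).
ROOT_SHELL = "Name:\tyum\nUid:\t0\t0\t0\t0\nCapEff:\t0000003fffffffff\n"
ROOT_CAP_DROPPED = "Name:\tyum\nUid:\t0\t0\t0\t0\nCapEff:\t0000003ffffbffff\n"
PLAIN_USER = "Name:\tsh\nUid:\t1000\t1000\t1000\t1000\nCapEff:\t0000000000000000\n"

if __name__ == "__main__":
    samples = [("root shell", ROOT_SHELL),
               ("root, capability dropped", ROOT_CAP_DROPPED),
               ("plain user", PLAIN_USER)]
    for label, status in samples:
        print(f"{label}: {audit(status, '/mnt/f15')}")
```
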
