On 10/05/2013 06:22:15 PM, Linus Torvalds wrote:
> On Sat, Oct 5, 2013 at 4:17 PM, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > So learn this pattern: every time you use chroot, add a simple
> >
> >     chdir("/");
> >
> > immediately after the chroot call.
>
> .. btw, also make sure that you close all non-essential file descriptors.
> Having any open directory file descriptors pointing to outside the chroot
> is also a classic escape.
>
> Even then, escaping chroot is usually fairly easy. Making an escape-proof
> chroot is really quite hard. Basically impossible if you allow root.
Which is why containers have all sorts of extra plumbing. But that extra plumbing is currently built on pivot_root(), not on chroot(). And I'd dismissed pivot_root() as residue from initramfs with all that kernel thread reparenting, so it seemed like the wrong tool for the job, but obviously I'll take your and Al's word it's not...
Rob
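The sequence Linus spells out above (close inherited descriptors, chroot, then chdir("/") immediately, and do not stay root), as an added C example that is not part of the thread; the descriptor cutoff, the uid/gid 65534 used for the privilege drop in main() and the 1024 fallback for the descriptor limit are assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Close every descriptor above `cutoff` so no directory handle opened
 * before the chroot survives into the jail. Returns the count closed. */
int close_fds_above(int cutoff)
{
    long limit = sysconf(_SC_OPEN_MAX);
    if (limit < 0) limit = 1024;            /* assumed fallback */
    int closed = 0;
    for (int fd = cutoff + 1; fd < limit; fd++)
        if (close(fd) == 0) closed++;
    return closed;
}

/* Enter `root`: sweep descriptors, chroot, chdir("/") right away so the
 * cwd cannot point outside the new root, then give up root (a root
 * process cannot be confined by chroot, so refuse to stay root). */
int enter_chroot(const char *root, uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && uid == 0) { errno = EPERM; return -1; }
    close_fds_above(2);                     /* keep stdin/stdout/stderr */
    if (chroot(root) != 0) return -1;
    if (chdir("/") != 0) return -1;         /* the step this thread is about */
    if (geteuid() == 0) {
        if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
            return -1;
    }
    return 0;
}

/* Unprivileged self-check: a descriptor above the cutoff is gone after
 * the sweep, one at the cutoff is still open. Returns 1 on success. */
int fd_sweep_selfcheck(void)
{
    int keep = open("/dev/null", O_RDONLY);
    int leak = open("/dev/null", O_RDONLY); /* always > keep */
    if (keep < 0 || leak < 0) return 0;
    close_fds_above(keep);
    int ok = (fcntl(leak, F_GETFD) == -1 && errno == EBADF)
          && (fcntl(keep, F_GETFD) != -1);
    close(keep);
    return ok;
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s <newroot>\n", argv[0]); return 2; }
    if (enter_chroot(argv[1], 65534, 65534) != 0) { perror("enter_chroot"); return 1; }
    puts("inside chroot: cwd is / and no inherited descriptors remain");
    return 0;
}
```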