Fwd: Fwd: Getting path in inode_permission
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Thu Feb 12 15:23:02 EST 2015
On Thu, 12 Feb 2015 23:41:18 +0530, noyb noybee said:
> On Thu, Feb 12, 2015 at 3:44 AM, <Valdis.Kletnieks at vt.edu> wrote:
> > How about you concentrate on "how were they able to access files outside
> > the chroot in the first place"?
> So, closing all open file descriptors that are outside the new root
> directory + changing the CWD + blocking any mounts.
That's a good start.
Now, for bonus points - explain why you wanted something inside a chroot
to be able to access something outside the chroot.
(Hint - why can't you just bind-mount it into the chroot hierarchy before
launching the chroot'ed program?)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
Url : http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150212/06b8b7ef/attachment.bin
More information about the Kernelnewbies
mailing list