[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#18062: [PATCH] chroot: always change to / if not changing credential
From: |
Bernhard Voelker |
Subject: |
bug#18062: [PATCH] chroot: always change to / if not changing credentials |
Date: |
Sun, 20 Jul 2014 16:36:29 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 |
On 07/20/2014 02:05 PM, Andreas Schwab wrote:
> diff --git a/src/chroot.c b/src/chroot.c
> index 6c2d63f..079759f 100644
> --- a/src/chroot.c
> +++ b/src/chroot.c
> @@ -269,9 +269,10 @@ main (int argc, char **argv)
> usage (EXIT_CANCELED);
> }
>
> - /* Only do chroot specific actions if actually changing root.
> - The main difference here is that we don't change working dir. */
> - if (! is_root (argv[optind]))
> + /* Only do chroot specific actions if actually changing root or if not
> + changing credentials. The main difference here is that we don't
> + change working dir. */
> + if (! is_root (argv[optind]) || !(userspec || groups))
This effectively reverts the idea behind v8.22-94-g99960ee:
chroot: don't chdir() if not changing root
This allows chroot to be used as a light weight tool
to change user identification for a command,
while not changing the current working directory.
It also makes `chroot / true` consistently succeed on
all platforms for non root users.
Now, with the patch:
$ src/chroot / true
src/chroot: cannot change root directory to /: Operation not permitted
... and some tests fail, too.
Why do you think the change is needed?
Is it about chroot(2) or chdir("/) being skipped?
Thanks & have a nice day,
Berny
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Andreas Schwab, 2014/07/20
- bug#18062: [PATCH] chroot: always change to / if not changing credentials,
Bernhard Voelker <=
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Andreas Schwab, 2014/07/20
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Bernhard Voelker, 2014/07/20
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Andreas Schwab, 2014/07/20
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Bernhard Voelker, 2014/07/21
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Bernhard Voelker, 2014/07/22
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Pádraig Brady, 2014/07/27
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Bernhard Voelker, 2014/07/31
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Pádraig Brady, 2014/07/31
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Bernhard Voelker, 2014/07/31
- bug#18062: [PATCH] chroot: always change to / if not changing credentials, Bernhard Voelker, 2014/07/31