On Wed, May 13, 2026 at 09:17:51AM +0100, Joe Orton wrote: > IIRC chroot jails are relatively easy to escape?
They are if you are root: you can create a device and remount the root inside the chroot. A non-privilegied user cannot do that, but we could imagine an attacker tricking the root privilegied httpd parent(*) process into doing the dirty work. The point here may be so specify what the child can cause the parent process to do. Anything not specified is a security violation. (*) Is it called master? Or parent? Perhaps the document should define the approriate term. -- Emmanuel Dreyfus [email protected]
