On Sat, Dec 24, 2011 at 09:14:44PM -0800, Xin LI wrote: > - Must not break existing and legitimate use of chroot(2), in other > words no semantics change permitted.
Later POSIX drops chroot() completely, so we can feel free of bound of the strong legitimacy. We already have many counterexamples (mainly related to issetugid()). F.e. we disable user locale files - disable functionality. IMHO stopping thinking the way that chroot() is fully equivalent to the root hierarchy will be good starting point here. -- http://ache.vniz.net/ _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
