On Sat, May 07, 2005 at 08:10:27PM +0300, Gilad Ben-Yossef wrote:

  Can you give more details about what you wrote?


> Shaul Karl wrote:
> >   On my Debian machine only root is permitted to chroot(2). What are the
> > cons for having a regular user chroot? Are there any patches floating 
> > around to change that? 
> > 
> 
> 
> If there exists any dynamically linked SUID root binary in the system


  What do you mean by dynamically linked SUID root binary? For me,
`dynamically linked' is associated with libraries, while a binary is the
same as executable and suid is only for executables. In short, what is
my mistake?


> (e.g. ping) which a user can contain in a directory such that the


  What is the difference between what you refer to and a simple cp of an
suid executable to somewhere under the user home directory?


> regular directory structure puts files controlled by the user in
> directories that would become, for example, /lib or /usr/lib after
> chroot and then chroot inside it you have effectively given this user
> root privileges.
> 


  How all this would give him root privileges?
There are systems where a regular user can chroot, aren't there? Can
you name them?

=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Reply via email to