On Sun, Jun 8, 2014 at 12:16 PM, Janne Johansson <icepic...@gmail.com> wrote:
> It feels like you are trying to convince someone that
> chroot("/");
> equals not being chrooted at all.
Not at all. I'm trying to convince someone to explain what chrooted
means, preferably without changing current semantics.
chroot(2), for instance, doesn't mention the term "alternate root
directory" as a well-defined state that includes--but does not limit
itself to--the invoking process' root directory, nor does chroot(2)
reference or allude to the "creation" of an "alternate root
directory".
Am I supposed to consider mknod(2)'s wording authoritative over chroot(2)'s?
Maybe the first step is recognizing that the documentation is unclear
on the subject.
>
> In my view several things happen when a pid is started in a chroot,
> including
> 1. the dir used as a parameter for the chroot will always be its own parent
> dir so that you may never again go above it. You may (haven't checked)
> chroot yourself lower again, but not "stop" the chroot.
> 2. You may not create device nodes since that would make it easy to defeat
> the chroot if root.
>
> This list may be far longer, but I don't think the docs need fixing for the
> chroot("/"); case when mknod:ing.
>
>
>
> 2014-06-08 17:44 GMT+02:00 Andres Perera <andre...@zoho.com>:
>
>> On Sun, Jun 8, 2014 at 3:51 AM, Otto Moerbeek <o...@drijf.net> wrote:
>> > On Sun, Jun 08, 2014 at 02:59:08AM -0430, Andres Perera wrote:
>> >
>> >> On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson <icepic...@gmail.com>
>> wrote:
>> >> > I don't think there is a word for "chroot back".
>> >>
>> >> I don't think you read, understood, and executed the sample.
>> >>
>> >> After chroot("/"), or chroot(FOO), you can't mknod(2), therefore the
>> >> description is wrong.
>> >
>> > What part is wrong?
>> >
>> > "alternate" directory might happen to be / itself.
>>
>> Even though it's the same directory as the previous root directory?
>>
>> How is it alternate, then?
>>
>> What's alternating, other than the root directory, which is *the same*?
>>
>> Either make this fd_rdir check a string comparison in addition to a
>> null-pointer check or change the docs instead of being confusing:
>>
>> int
>> domknodat(struct proc *p, int fd, const char *path, mode_t mode, dev_t dev)
>> {
>> struct vnode *vp;
>> struct vattr vattr;
>> int error;
>> struct nameidata nd;
>>
>> if ((error = suser(p, 0)) != 0)
>> return (error);
>> if (p->p_fd->fd_rdir)
>> return (EINVAL);
>> ^^^^
>>
>> While that's silly
>> > to do it's still an alternate to an unchrooted /.
>> >
>> > -Otto
>> >
>>
>
>
>
> --
> May the most significant bit of your life be positive.
