In perl.git, the branch blead has been updated <https://perl5.git.perl.org/perl.git/commitdiff/82007f754ed1e129a53fc7c964d84cddba7ca0de?hp=17d9d1f083f91c980b13920c53e48ffc00bf7c63>
- Log ----------------------------------------------------------------- commit 82007f754ed1e129a53fc7c964d84cddba7ca0de Author: Andrew Hewus Fresh <[email protected]> Date: Thu Jul 25 11:00:46 2019 -0700 Recommend chdir after chroot more strongly On Thu, Jul 25, 2019 at 09:35:44AM -0600, Theo de Raadt wrote: > It is mandatory because otherwise a program-user can arrange for cwd > to be outside the jail, and utilize that fact to pivot, and in some > program path utilizations the chroot then becomes not just pointless.. > it is worse than normal, because it creates a dual-namespace view of > the filesystem, that is a condition that program and libraries are not > prepared to operate in. https://marc.info/?l=openbsd-misc&m=156406908805913&w=2 ----------------------------------------------------------------------- Summary of changes: pod/perlfunc.pod | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pod/perlfunc.pod b/pod/perlfunc.pod index 066cd268db..37046b8e68 100644 --- a/pod/perlfunc.pod +++ b/pod/perlfunc.pod @@ -1228,9 +1228,10 @@ change your current working directory, which is unaffected.) For security reasons, this call is restricted to the superuser. If FILENAME is omitted, does a L<C<chroot>|/chroot FILENAME> to L<C<$_>|perlvar/$_>. -B<NOTE:> It is good security practice to do C<chdir("/")> +B<NOTE:> It is mandatory for security to C<chdir("/")> (L<C<chdir>|/chdir EXPR> to the root directory) immediately after a -L<C<chroot>|/chroot FILENAME>. +L<C<chroot>|/chroot FILENAME>, otherwise the current working directory +may be outside of the new root. Portability issues: L<perlport/chroot>. -- Perl5 Master Repository
