Author: imp Date: Tue Sep 29 18:13:54 2020 New Revision: 366266 URL: https://svnweb.freebsd.org/changeset/base/366266
Log: Updates to chroot(2) docs 1. Note what settings give historic behavior 2. Recommend jail under security considerations. Modified: head/lib/libc/sys/chroot.2 Modified: head/lib/libc/sys/chroot.2 ============================================================================== --- head/lib/libc/sys/chroot.2 Tue Sep 29 18:06:02 2020 (r366265) +++ head/lib/libc/sys/chroot.2 Tue Sep 29 18:13:54 2020 (r366266) @@ -28,7 +28,7 @@ .\" @(#)chroot.2 8.1 (Berkeley) 6/4/93 .\" $FreeBSD$ .\" -.Dd June 26, 2020 +.Dd September 29, 2020 .Dt CHROOT 2 .Os .Sh NAME @@ -91,7 +91,10 @@ system call. .Pp Any other value for .Ql kern.chroot_allow_open_directories -will bypass the check for open directories +will bypass the check for open directories, +mimicking the historic insecure behavior of +.Fn chroot +still present on other systems. .Sh RETURN VALUES .Rv -std .Sh ERRORS @@ -156,3 +159,7 @@ root, for instance, setup the sandbox so that the sandboxed user will have no write access to any well-known system directories. +.Pp +For complete isolation from the rest of the system, use +.Xr jail 2 +instead. _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
