Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You don't. A correct `chroot()` implementation shouldn't let you access paths that aren't below the new `/`.


That is indeed the modern behaviour of chroot. It is not clear that the "original implementation" shown in the article shares that property, though.

EDIT: That's not to say it doesn't prevent that behaviour. If the usual code to prevent you ..ing above the root checks against u.u_rdir instead of /, it might well work as modern implementations do.


My recollection of chroot in the late '90s is that it didn't provide a jail.


Must of been OS dependent. When I was doing bootp stuff in the mid '90s the whole point of chroot was the jail.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: