Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S272236AbTHDU1M (ORCPT ); Mon, 4 Aug 2003 16:27:12 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S272238AbTHDU1M (ORCPT ); Mon, 4 Aug 2003 16:27:12 -0400 Received: from quechua.inka.de ([193.197.184.2]:36835 "EHLO mail.inka.de") by vger.kernel.org with ESMTP id S272236AbTHDU1K (ORCPT ); Mon, 4 Aug 2003 16:27:10 -0400 To: linux-kernel@vger.kernel.org Subject: Re: chroot() breaks syslog() ? References: <6416776FCC55D511BC4E0090274EFEF5080024AC@exchange.world.net> <20030804133307.GA4225@www.13thfloor.at> Organization: private Linux site, southern Germany Date: Mon, 04 Aug 2003 22:19:16 +0200 From: Olaf Titz Message-Id: Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 669 Lines: 16 > IMHO, devfs in chroot environment, is defeating the purpose > because if you have access to raw devices, like the device > your chroot dir is on, you can easily mount that device > again, and voila you have access to the full tree, if you You need to be root to mount the device, and as root you can also create the device special file. A chroot environment does not reliably guard against root breaking out of it. Olaf - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/