Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262241AbVD1TX0 (ORCPT ); Thu, 28 Apr 2005 15:23:26 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262243AbVD1TXN (ORCPT ); Thu, 28 Apr 2005 15:23:13 -0400 Received: from mail.shareable.org ([81.29.64.88]:42154 "EHLO mail.shareable.org") by vger.kernel.org with ESMTP id S262241AbVD1TWf (ORCPT ); Thu, 28 Apr 2005 15:22:35 -0400 Date: Thu, 28 Apr 2005 20:22:23 +0100 From: Jamie Lokier To: Eric Van Hensbergen Cc: Pavel Machek , Al Viro , Miklos Szeredi , hch@infradead.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@osdl.org Subject: Re: [PATCH] private mounts Message-ID: <20050428192223.GB2895@mail.shareable.org> References: <20050424205422.GK13052@parcelfarce.linux.theplanet.co.uk> <20050424210616.GM13052@parcelfarce.linux.theplanet.co.uk> <20050424213822.GB9304@mail.shareable.org> <20050425152049.GB2508@elf.ucw.cz> <20050425190734.GB28294@mail.shareable.org> <20050426092924.GA4175@elf.ucw.cz> <20050426140715.GA10833@mail.shareable.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 863 Lines: 20 Eric Van Hensbergen wrote: > > Does chroot into /proc/NNN/root cause the chroot'ing process to adopt > > the namespace of NNN? Looking at the code, I think it does. > > I've been thinking about this a bit more...would you even need chroot? > (wouldn't exposing chroot functionality to a user incur additional > security risk? I guess it would be okay as long as you were only > chrooting to one of your other process' roots?) You don't need to let an ordinary user do chroot. The login process can do it before it changes uid to the user, the same as it does to set up all the other per-user parameters. -- Jamie - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/