On Thu, Jul 25, 2019 at 09:35:44AM -0600, Theo de Raadt wrote: > Andrew Hewus Fresh <and...@afresh1.com> wrote: > > https://perldoc.perl.org/5.30.0/functions/chroot.html > > > NOTE: It is good security practice to do chdir("/") > > > (chdir to the root directory) immediately after a chroot. > > > > The phrasing "good security practice" is quite dissapointing, when it > is MANDATORY. Much like saying it is not good practice to wipe your bum.
I filed a ticket with some possibly improved wording, lightly based on what's below. https://rt.perl.org/Public/Bug/Display.html?id=134314 > It is mandatory because otherwise a program-user can arrange for cwd > to be outside the jail, and utilize that fact to pivot, and in some > program path utilizations the chroot then becomes not just pointless.. > it is worse than normal, because it creates a dual-namespace view of > the filesystem, that is a condition that program and libraries are not > prepared to operate in. l8rZ, -- andrew - http://afresh1.com What are the unsurpassable real world weaknesses in OpenBSD, that you know of? -- Kevin Chadwick <ma1l1i...@yahoo.co.uk> Lots of fake people attacking the project on the mailing lists makes them a poor resource for users. -- Theo de Raadt <dera...@cvs.openbsd.org>
