On Wed, Mar 9, 2011 at 5:16 PM, M. Mohan Kumar <mo...@in.ibm.com> wrote:
> Add chroot functionality for systemcalls that can operate on a file
> using relative directory file descriptor.

I suspect the relative directory approach is broken and escapes the chroot. Here's why:

The request is local_chmod(fs_ctx, "/..", credp). dirname("/..") is "/" and basename("..") is "..".

I'm not 100% sure of the semantics but I suspect that chmodat(dir_fd, "..", ...) does not honor the chroot since your current task is not inside the chroot. If so, then you can manipulate the parent directory of the chroot using some of the operations added in this patch.

The safe solution is to perform all operations inside the chroot. This will require extending the chroot socket protocol.

Stefan
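Added example, not part of the original message or of the patch: a read-only C check of the semantics questioned above, run from a process that is not chrooted. It splits the request with dirname()/basename(), opens the directory part under a stand-in export root, and uses fstatat() to see which object the basename resolves to. The temporary directory layout and the function names are assumptions made for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <libgen.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Split req as described in the mail: open root + dirname(req), then
 * address basename(req) relative to that descriptor. Read-only (fstatat). */
static int stat_via_dirfd(const char *root, const char *req, struct stat *st)
{
    char d[PATH_MAX], b[PATH_MAX], dir[2 * PATH_MAX];
    int fd, rc;
    snprintf(d, sizeof d, "%s", req);  /* dirname/basename may modify input */
    snprintf(b, sizeof b, "%s", req);
    snprintf(dir, sizeof dir, "%s%s", root, dirname(d));
    fd = open(dir, O_RDONLY | O_DIRECTORY);
    if (fd < 0)
        return -1;
    rc = fstatat(fd, basename(b), st, AT_SYMLINK_NOFOLLOW);
    close(fd);
    return rc;
}

/* 1 if req resolves to the directory above the export root, 0 if it does
 * not, -1 on error. Layout (constructed): <tmpdir>/export is the root. */
int request_reaches_parent(const char *req)
{
    char outer[] = "/tmp/export-demo-XXXXXX", root[PATH_MAX];
    struct stat parent, got;
    int result = -1;
    if (!mkdtemp(outer))
        return -1;
    snprintf(root, sizeof root, "%s/export", outer);
    if (mkdir(root, 0700) == 0 && stat(outer, &parent) == 0 &&
        stat_via_dirfd(root, req, &got) == 0)
        result = got.st_dev == parent.st_dev && got.st_ino == parent.st_ino;
    rmdir(root);
    rmdir(outer);
    return result;
}

int main(void)
{
    printf("/.. -> %d, /. -> %d\n", request_reaches_parent("/.."), request_reaches_parent("/."));
    return 0;
}
```

A result of 1 for "/.." means the directory descriptor alone does not confine the lookup; the kernel only stops ".." at the calling process's own root directory.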