On Sat, Dec 24, 2011 at 02:50:45PM +0400, Andrey Chernov wrote: > On Sat, Dec 24, 2011 at 02:45:21AM -0800, Xin LI wrote: > > On Sat, Dec 24, 2011 at 2:39 AM, Andrey Chernov <a...@freebsd.org> wrote: > > > On Sat, Dec 24, 2011 at 02:26:20AM -0800, Xin LI wrote: > > >> chroot(2) can create legitimate and secure environment where dlopen(2) > > >> is safe and necessary. > > > > > > Yes, so ischroot() check can be used only into that places where libc's > > > libc_dlopen() currently used, i.e. placed into libc_dlopen() itself. > > > > So it's Okay to break NSS in chroot jail? > > We need general solution. We simple can't count all possible and future > ftpd's arround the world and insert __FreeBSD_libc_enter_restricted_mode() > into them. I even not mention other programs that may use chroot() too. If > some component like auth is critical for chroot, it should be restricted > in general scope.
To work in admin-think-safe environment we can add another syscall like safe_chroot(1). When it is marked as safe, ischroot() will return 0. -- http://ache.vniz.net/ _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
