Xref: utzoo news.admin:4119 news.sysadmin:1744 comp.mail.uucp:2399 Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!nrl-cmf!ukma!gatech!hubcap!ncrcae!ncrlnk!uunet!mcvax!hp4nl!botter!star.cs.vu.nl!maart From: maart@cs.vu.nl (Maarten Litmaath) Newsgroups: news.admin,news.sysadmin,comp.mail.uucp Subject: why chroot(1) isn't setuid (was: Dangerous hole in Usenet!) Message-ID: <1727@solo11.cs.vu.nl> Date: 29 Nov 88 22:38:05 GMT References: <1971@van-bc.UUCP> <572@comdesign.CDI.COM> <5517@medusa.cs.purdue.edu> <561@redsox.UUCP> <215@twwells.uucp> <155@ecicrl.UUCP> Organization: V.U. Informatica, Amsterdam, the Netherlands Lines: 16 clewis@ecicrl.UUCP (Chris Lewis) writes: \... can someone out there explain why chroot is privileged? Or \why /etc/chroot isn't setuid? Consider a directory `etc' relative to the new root, containing a file `passwd', which contains an entry `root', ... Get the idea? \It seems pretty darn silly that some \mechanism that can only be used for *reducing* access rights requires \root permission. It's a protection mechanism for ROOT: he's the ONLY guy that can do ANYTHING on a UNIX system. -- fcntl(fd, F_SETFL, FNDELAY): |Maarten Litmaath @ VU Amsterdam: let's go weepin' in the corner! |maart@cs.vu.nl, mcvax!botter!maart