This is the mail archive of the
cygwin@sourceware.cygnus.com
mailing list for the Cygwin project.
Re: Simple chroot using chdrive
- To: dahms at ifk20 dot mach dot uni-karlsruhe dot de
- Subject: Re: Simple chroot using chdrive
- From: Alex <garbanzo at hooked dot net>
- Date: Thu, 27 Nov 1997 17:07:30 -0800 (PST)
- cc: gnu-win32 at cygnus dot com
On Fri, 28 Nov 1997 dahms@ifk20.mach.uni-karlsruhe.de wrote:
> Hi Alex, you wrote:
>
> : What exactly does chdrive do? Chroot, changes the location of / to
> : whatever _directory_ you choose, which could be on any drive in theory.
>
> Chdrive simply sets the drive letter, which is reversible.
> It does not restrict access since you can always specify a filename
> including a drive letter (or UNC equivalent).
>
> Chroot under unix is a major security issue, since it is *not* reversible,
> and prevents access to any file or device above given directory for the
> process once called and all it's newly forked childs, even for root,
> in any case e.g. loading system shared libraries.
> I guess almost every public FTP server uses this feature!
While it may be a security issue, or flawed in many respects, this is how
Unix works. If the goal of cygwin.dll is to emulate Unixish functions,
chdrive isn't what is being looked for. Chroot() incidentally can only
be used by the super-user. For instance fork() or select() vs it's Win32
counterparts.
- alex
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".