Return to BSD News archive
Xref: sserve comp.os.386bsd.bugs:2587 comp.os.386bsd.questions:14388 Newsgroups: comp.os.386bsd.bugs,comp.os.386bsd.questions Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!msuinfo!gmi!zombie.ncsc.mil!news.mathworks.com!news.alpha.net!uwm.edu!spool.mu.edu!howland.reston.ans.net!pipex!uknet!festival!edcogsci!richard From: richard@cogsci.ed.ac.uk (Richard Tobin) Subject: Re: chroot() in FreeBSD 1.1.5.1 Message-ID: <Cz4AMA.9t8@cogsci.ed.ac.uk> Keywords: chroot permissions Organization: HCRC, University of Edinburgh References: <39vvl6$90m@clavin.uprc.com> Date: Fri, 11 Nov 1994 19:10:57 GMT Lines: 17 In article <39vvl6$90m@clavin.uprc.com> z056716@uprc.com writes: >Big question: why can't normal users call chroot??? Because if they could, they could chroot to a directory containing a bogus /etc/passwd, and become root. (This is only true if they can arrange for some program like su to be available from the new root, but it's too dangerous to allow.) If the manual doesn't mention that you have to be root, that's a bug in the manual. -- Richard -- Richard Tobin, HCRC, Edinburgh University R.Tobin@ed.ac.uk Ooooh! I didn't know we had a king. I thought we were an autonomous collective.