Re: git: b165e9e3ea4e - main - Add fchroot(2)

Reply: Edward Tomasz Napierala : "Re: git: b165e9e3ea4e - main - Add fchroot(2)"
Reply: Maxim Sobolev : "Re: git: b165e9e3ea4e - main - Add fchroot(2)"
In reply to: Edward Tomasz Napierala : "git: b165e9e3ea4e - main - Add fchroot(2)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Konstantin Belousov <kostikbel_at_gmail.com>
Date: Fri, 29 Nov 2024 15:24:43 UTC

On Fri, Nov 29, 2024 at 12:22:16PM +0000, Edward Tomasz Napierala wrote:
> The branch main has been updated by trasz:
> 
> URL: https://cgit.FreeBSD.org/src/commit/?id=b165e9e3ea4e327fc421d81c2a89242bd8720780
> 
> commit b165e9e3ea4e327fc421d81c2a89242bd8720780
> Author:     Edward Tomasz Napierala <trasz@FreeBSD.org>
> AuthorDate: 2024-11-29 07:46:07 +0000
> Commit:     Edward Tomasz Napierala <trasz@FreeBSD.org>
> CommitDate: 2024-11-29 12:10:02 +0000
> 
>     Add fchroot(2)
>     
>     This is similar to chroot(2), but takes a file descriptor instead
>     of path.  Same syscall exists in NetBSD and Solaris.  It is part of a larger
>     patch to make absolute pathnames usable in Capsicum mode, but should
>     be useful in other contexts too.

I wonder if it should be fchrootat(fd, path, flags) with the support for
AT_EMPTY_PATH instead.  Then fchroot() becomes the libc wrapper.

I can see arguments both pro and contra.  Main argument against is that
the immediate semantic is easily emulated by openat() + fchroot().  But
the freedom of adding the fchroot-specific flags might be worth considering.