Is it possible to exit the chroot(2) environment?

Kyle Evans kevans at freebsd.org
Sun Sep 27 20:09:40 UTC 2020


On Sun, Sep 27, 2020 at 3:04 PM Yuri <yuri at rawbw.com> wrote:
>
> On 2020-09-27 12:56, Kyle Evans wrote:
> > kern.chroot_allow_open_directories to some value that isn't 0 or 1.
>
>
> It succeeds with kern.chroot_allow_open_directories=2.
>
>

Ok, so Warner's proposal was correct and we've verified the semantics
work out the same; this is simply a behavioral difference in that
we're a little more strict -- presumably to make it less trivial to
break out of a chroot.

I suspect a default change for the sysctl/behavior is unlikely; your
best bet to move forward is probably to work out if they really need
to have dangling directories open and correct that if at all possible.
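
An added example, not part of the original thread and not FreeBSD's code: one way to find the open directory descriptors a process still holds before it calls chroot(2), so they can be closed instead of loosening kern.chroot_allow_open_directories. The helper names audit_dir_fds and strict_chroot are hypothetical, and the 65536 scan bound is an assumption.

```c
#define _DEFAULT_SOURCE 1   /* assumption: exposes chroot() on glibc; harmless elsewhere */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Count open descriptors that refer to directories; close them if asked. */
int audit_dir_fds(int close_them)
{
    long max = sysconf(_SC_OPEN_MAX);
    int found = 0;

    if (max < 0 || max > 65536)
        max = 65536;        /* bound the scan when the limit is unknown or huge */
    for (int fd = 0; fd < (int)max; fd++) {
        struct stat st;

        if (fstat(fd, &st) != 0)
            continue;       /* EBADF: this descriptor is not open */
        if (!S_ISDIR(st.st_mode))
            continue;       /* files, sockets and pipes are not the concern here */
        found++;
        fprintf(stderr, "fd %d is an open directory\n", fd);
        if (close_them)
            close(fd);
    }
    return found;
}

/* Hypothetical wrapper: refuse to chroot while any directory is still open. */
int strict_chroot(const char *newroot)
{
    if (audit_dir_fds(0) > 0)
        return -1;          /* caller should close the reported descriptors first */
    if (chroot(newroot) != 0 || chdir("/") != 0)
        return -1;          /* chroot needs privilege; chdir drops the old cwd */
    return 0;
}

int main(void)
{
    int fd = open("/", O_RDONLY);   /* constructed sample: a directory left open */

    printf("open directories: %d\n", audit_dir_fds(0));
    printf("strict_chroot with it open: %d\n", strict_chroot("/"));
    if (fd >= 0)
        close(fd);
    return 0;
}
```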

