Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 27 Mar 2021 02:12:42 +0300
From: Askar Safin <>
To: Mickaël Salaün <>,,,,
Subject: Re: [PATCH v5 1/1] fs: Allow no_new_privs tasks to call chroot(2)

Hi. Unprivileged users already can do chroot. He should simply create userns and then call "chroot" inside. As an LWN commenter noted, you can simply run 
"unshare -r /usr/sbin/chroot some-dir". (I recommend reading all comments: .)

Also: if you need chroot for path resolving only, consider openat2 with RESOLVE_IN_ROOT ( ).

Askar Safin

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.