Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 8 Oct 2019 19:49:55 +0200
From: Reiner Herrmann <reiner@...ner-h.de>
To: Rich Felker <dalias@...c.org>
Cc: musl@...ts.openwall.com
Subject: Re: realpath after chroot

On Tue, Oct 08, 2019 at 01:38:50PM -0400, Rich Felker wrote:
> > I noticed that realpath is no longer working after chroot is called.
> 
> This is a documented requirement:
> 
[...]
> 
> Source: https://www.musl-libc.org/doc/1.0.0/manual.html
> 
> It's been discussed in more depth in other places. Basically, Linux
> makes it impossible to do some things needed for a fully working
> C/POSIX implementation without /proc, so we have to treat it as a
> "requirement". Some subset of functionality works without it, but no
> formal specification of exactly what works is made by musl.
> 
> For realpath, indeed it can be implemented in userspace without /proc,
> and it may be desirable to do so as a fallback. It might make sense to
> do an analysis of "how essential" /proc still is on reasonably recent
> kernels; if the need for it is isolated to dynamic linker stuff (rpath
> origin, etc.) then it might make a lot of sense to formalize that
> /proc is only mandatory for certain things.

Interesting, thank you for the explanation.
For a daemon that chroots somewhere I then need to either mount proc
into the chroot or avoid realpath.

Regards,
  Reiner

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.