From:	garbanzo AT hooked DOT net (Alex)
Subject:	Re: Simple chroot using chdrive
28 Nov 1997 00:01:55 -0800 :
Message-ID:	<Pine.BSF.3.96.971127170435.2856A-100000.cygnus.gnu-win32@zippy.dyn.ml.org>
References:	<009BDF27 DOT F876B740 DOT 29068 AT ifk20 DOT mach DOT uni-karlsruhe DOT de>
Mime-Version:	1.0
To:	dahms AT ifk20 DOT mach DOT uni-karlsruhe DOT de
Cc:	gnu-win32 AT cygnus DOT com

On Fri, 28 Nov 1997 dahms AT ifk20 DOT mach DOT uni-karlsruhe DOT de wrote:

> Hi Alex, you wrote:
> 
> : What exactly does chdrive do?  Chroot, changes the location of / to
> : whatever _directory_ you choose, which could be on any drive in theory.
> 
> Chdrive simply sets the drive letter, which is reversible.
> It does not restrict access since you can always specify a filename
> including a drive letter (or UNC equivalent).
> 
> Chroot under unix is a major security issue, since it is *not* reversible,
> and prevents access to any file or device above given directory for the
> process once called and all it's newly forked childs, even for root,
> in any case e.g. loading system shared libraries.
> I guess almost every public FTP server uses this feature!

While it may be a security issue, or flawed in many respects, this is how
Unix works.  If the goal of cygwin.dll is to emulate Unixish functions,
chdrive isn't what is being looked for.  Chroot() incidentally can only 
be used by the super-user. For instance fork() or select() vs it's Win32
counterparts.

- alex

-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request AT cygnus DOT com" with one line of text: "help".

- Raw text -