X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 7EBED385840C
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1693212666;
	bh=ifoqK1ux21ktetJ2ayWnltxboVZtMeSTyqrr+4a+JHw=;
	h=Date:To:Subject:References:In-Reply-To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	From;
	b=bfje/G6MEGZCCnsC9iUCjP7Kmu/MWgDm0QmkjLg5ggg8myfALLCc/oz2SCPVUDA2u
	j9ULYm4uK24DRisO5zrzvb401LAjWXbGpxm2mHdhvBoazTAmfhWD+Uj+KRiRnLwUpt
	zZg9DT6g/huxyKJ33+kEep0GLu4rU3BbXtQSS37k=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org DD6F53858D38
Date:	Mon, 28 Aug 2023 10:50:49 +0200
To:	cygwin AT cygwin DOT com
Subject:	Re: process substitution to create a virtual file doesn't work in
	chroot environment
Message-ID:	<ZOxf6QOIRAciCVE6@calimero.vinschen.de>
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<CAEF1h+XMtnd0_28cLNnEB2Q+XAxXE3VMZtXh9LLQzeP7n-fAJw AT mail DOT gmail DOT com>
MIME-Version:	1.0
In-Reply-To:	<CAEF1h+XMtnd0_28cLNnEB2Q+XAxXE3VMZtXh9LLQzeP7n-fAJw@mail.gmail.com>
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.30
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe:	<https://cygwin.com/mailman/options/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Corinna Vinschen via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	cygwin AT cygwin DOT com
Cc:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
Errors-To:	cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender:	"Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>

On Aug 27 18:13, Cary Lewis via Cygwin wrote:
> In a cygwin process that is started either from mintty or bash directly the
> following:
> 
> $ user=234
> 
> $ ./cat <(echo $user)
> 234
> works as expected.
> 
> But after a chroot:

From https://cygwin.com/cygwin-ug-net/highlights.html:

  chroot is supported. Kind of. Chroot is not a concept known by
  Windows. This implies some serious restrictions. First of all, the
  chroot call isn't a privileged call. Any user may call it. Second, the
  chroot environment isn't safe against native windows processes.  Given
  that, chroot in Cygwin is only a hack which pretends security where
  there is none. For that reason the usage of chroot is discouraged.
  Don't use it unless you really, really know what you're doing.

> $ chroot . ./bash
> user=234
> $  ./cat <(echo $user)
> ./cat: /dev/fd/63: No such file or directory
> 
> In the directory I am chrooting in, I created a tmp folder, as well as
> proc, proc/self, and proc/self/fd, and a dev directory.
> 
> Can someone explain why process substitution to create a virtual file
> doesn't work in a chroot environment?

/dev/fd is a symlink pointing into nirvana after using chroot.

/dev/fd symlinks to /proc/self/fd, but in the chroot'ed environment
there's no /proc anymore.

I would like to underline what is written in the above Cygwin
documentation snippet:

The chroot implementation is old, bad, and deprecated.  I was going
to rip it out entirely for I don't know how often already, but there
was always somebody asking to keep it.  Given that it never did what
chroot is intended, don't use it.


Corinna

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -