Document new chroot-related restrictions on fchdir, chroot, and ptrace
made possible by the kernel getcwd infrastructure
This commit is contained in:
sommerfe
parent
7414e58610
commit
d70c7c2004
@ -1,4 +1,4 @@
|
||||
.\" $NetBSD: chdir.2,v 1.11 1999/03/22 19:45:01 garbled Exp $
|
||||
.\" $NetBSD: chdir.2,v 1.12 1999/03/26 23:37:27 sommerfe Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1980, 1991, 1993
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
@ -117,6 +117,11 @@ The file descriptor does not reference a directory.
|
||||
The argument
|
||||
.Fa fd
|
||||
is not a valid file descriptor.
|
||||
.It Bq Er EPERM
|
||||
The argument
|
||||
.Fa fd
|
||||
references a directory which is not at or below the current process's
|
||||
root directory.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr chroot 2
|
||||
@ -131,3 +136,4 @@ The
|
||||
function call
|
||||
appeared in
|
||||
.Bx 4.2 .
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
.\" $NetBSD: chroot.2,v 1.10 1999/03/22 19:45:01 garbled Exp $
|
||||
.\" $NetBSD: chroot.2,v 1.11 1999/03/26 23:37:27 sommerfe Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1983, 1991, 1993
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
@ -57,7 +57,9 @@ beginning with
|
||||
In order for a directory to become the root directory
|
||||
a process must have execute (search) access for that directory.
|
||||
.Pp
|
||||
It should be noted that
|
||||
If the current working directory is not at or under the new root
|
||||
directory, it is silently set to the new root directory.
|
||||
It should be noted that, on most other systems,
|
||||
.Fn chroot
|
||||
has no effect on the process's current directory.
|
||||
.Pp
|
||||
@ -98,3 +100,8 @@ The
|
||||
.Fn chroot
|
||||
function call appeared in
|
||||
.Bx 4.2 .
|
||||
Working directory handling was changed in
|
||||
.Nx 1.4
|
||||
to prevent one way a process could use a second
|
||||
.Fn chroot
|
||||
call to a different directory to "escape" from the restricted subtree.
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
.\" $NetBSD: ptrace.2,v 1.7 1999/03/22 19:45:07 garbled Exp $
|
||||
.\" $NetBSD: ptrace.2,v 1.8 1999/03/26 23:37:27 sommerfe Exp $
|
||||
.\"
|
||||
.\" This file is in the public domain.
|
||||
.Dd November 7, 1994
|
||||
@ -158,6 +158,14 @@ not be executing a setuid or setgid executable. (If the tracing
|
||||
process is running as root, these restrictions do not apply.) The
|
||||
tracing process will see the newly-traced process stop and may then
|
||||
control it as if it had been traced all along.
|
||||
.Pp
|
||||
Two other restrictions apply to all tracing processes, even those
|
||||
running as root. First, no process may trace the process running
|
||||
.Xr init 8 .
|
||||
Second, if a process has its root directory set with
|
||||
.Xr chroot 2 ,
|
||||
it may not trace another process unless that process's root directory
|
||||
is at or below the tracing process's root.
|
||||
.It Dv PT_DETACH
|
||||
This request is like PT_CONTINUE, except that it does not allow
|
||||
specifying an alternative place to continue execution, and after it
|
||||
|
||||
Loading…
Reference in New Issue
Block a user