No, it works only with "..", and not with "." ! I don't know why, I believe
it's because the process is still attached to the old FS when mounting on ".".
> If attacker can mount of chroot - you've LOST. Already. End of story.
To me, it seems this is the *only* remaining case in an *empty* read-only
directory. The fact is that the attacker needs at least a mount point to mount
something. Not providing him one is efficient, but here he can only exploit
"..".
Please reconsider the question, Al, because I really think that with this, we
can get reliable jails for network daemons which don't need file access at all.
Cheers,
Willy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/