[bug #42411] gdomap chroots to /tmp

bug-gnustep

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #42411] gdomap chroots to /tmp

From:	Richard Frith-Macdonald
Subject:	[bug #42411] gdomap chroots to /tmp
Date:	Fri, 25 Jul 2014 10:29:56 +0000
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4

Follow-up Comment #4, bug #42411 (project gnustep):

I agree about 1 and 2 not being options.

I don't agree with (3) since if we don't chroot then we have to assume that
the executable has access to the whole filesystem ... and a chroot to /tmp
can't possibly be less secure than that.

Perhaps though, we could add a command-line argument to specify the directory
to which we should chroot, and only use the existing location if that argument
is not provided?  Then a distro could have a startup script which jails the
process in a known-safe location for that distro.

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?42411>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[bug #42411] gdomap chroots to /tmp, Richard Frith-Macdonald, 2014/07/13
- [bug #42411] gdomap chroots to /tmp, Yavor Doganov, 2014/07/13
  - [bug #42411] gdomap chroots to /tmp, Yavor Doganov, 2014/07/25
    - [bug #42411] gdomap chroots to /tmp, Richard Frith-Macdonald <=
    - [bug #42411] gdomap chroots to /tmp, Richard Frith-Macdonald, 2014/07/25

Prev by Date: [bug #42411] gdomap chroots to /tmp
Next by Date: [bug #42804] Dubious configure test for -fexec-charset
Previous by thread: [bug #42411] gdomap chroots to /tmp
Next by thread: [bug #42411] gdomap chroots to /tmp
Index(es):
- Date
- Thread