Re: [Qemu-devel] [PATCH] -chroot and -su options.
From: Rob Landley
Subject: Re: [Qemu-devel] [PATCH] -chroot and -su options.
Date: Wed, 5 Mar 2008 00:51:36 -0600
User-agent: KMail/1.9.6 (enterprise 0.20070907.709405)

On Tuesday 04 March 2008 05:22:12 you wrote:
> On Mon, Mar 03, 2008 at 06:28:22PM -0600, Rob Landley wrote:
> > Quick and dirty patch to teach qemu application emulation how to chroot
> > (and drop privs), so you don't have to pollute a target filesystem with
> > host code, and/or figure out how to build qemu static in order to run a
> > dynamic binary.
>
> Hi Rob,
>
> Right, doing the chroot from within qemu avoids the issue with polluting
> the target/. Thanks for the example.
>
> The chroot approach still suffers from the need of initially having higher
> privileges. Personally, I still prefer the sysroot option and avoid that
> need but either way helps me.
>
> Best regards

Which sysroot option? (I may have missed a patch, I'm a month behind on the
list. This is just something I've meant to submit for... about a year, I
think.)

You can also teach a bunch of different qemu syscalls (open, unlink, mmap,
exec, fcntl, and 3 dozen others...) to append a prefix to its path, and
perhaps try to prevent them from playing games with symlinks or ".." to break
out of that subdir. But that's a much, much, much more extensive/intrusive
patch.

Rob
--
"One of my most productive days was throwing away 1000 lines of code."
- Ken Thompson.
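
The path-prefix alternative mentioned in the message above, as an added example that is not part of the original mail and not QEMU code: a hypothetical helper, sysroot_join(), that places a guest path under a root directory and clamps ".." so it cannot climb above that root. It is purely lexical, so a symlink inside the root that points outside it is not caught; the directory /srv/target and the sample paths are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not QEMU code): write "<root>/<normalized guest path>"
 * into out[n]. ".." is clamped at root. Returns 0, or -1 if it does not fit. */
int sysroot_join(const char *root, const char *guest, char *out, size_t n)
{
    size_t base = strlen(root);
    while (base > 0 && root[base - 1] == '/')
        base--;                          /* "/srv/t/" -> "/srv/t", "/" -> "" */
    if (base + 2 > n)
        return -1;
    memcpy(out, root, base);
    size_t len = base;                   /* out[0..len) is the path so far */

    for (const char *p = guest; *p; ) {
        while (*p == '/')
            p++;                         /* skip separators, incl. leading "/" */
        size_t clen = strcspn(p, "/");   /* length of the next component */
        if (clen == 2 && p[0] == '.' && p[1] == '.') {
            /* pop one component, but never cut into the root prefix */
            while (len > base && out[len - 1] != '/')
                len--;
            if (len > base)
                len--;                   /* drop the separator as well */
        } else if (clen > 0 && !(clen == 1 && p[0] == '.')) {
            if (len + clen + 2 > n)
                return -1;
            out[len++] = '/';
            memcpy(out + len, p, clen);
            len += clen;
        }
        p += clen;
    }
    if (len == 0)
        out[len++] = '/';                /* root was "/" and nothing remained */
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char buf[128];                       /* constructed sample input below */
    if (sysroot_join("/srv/target", "/lib/../../../etc/passwd", buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```

Every path-taking syscall would need to pass through a check like this, and symlink containment additionally requires resolving each component against the filesystem (on Linux 5.6 and later, openat2() with RESOLVE_IN_ROOT does that in the kernel).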