From ac892a92343b12afcb5039f4040af988c146ea43 Mon Sep 17 00:00:00 2001 From: rwatson Date: Fri, 31 Jan 2003 21:19:22 +0000 Subject: Document a bug in our chroot(2) implementation: if access control checks, including the "open directory" check or a MAC check fail, after the working directory of the process has been changed, then the cwd of the process will be left as the target directory rather than the original directory. At some point, this bug might be fixable by performing the directory change only after permission is granted for the change. In the mean time document it (it's been there for a while). --- lib/libc/sys/chroot.2 | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lib/libc') diff --git a/lib/libc/sys/chroot.2 b/lib/libc/sys/chroot.2 index 148bcd5..b2c3b4e 100644 --- a/lib/libc/sys/chroot.2 +++ b/lib/libc/sys/chroot.2 @@ -137,3 +137,9 @@ The .Fn chroot system call appeared in .Bx 4.2 . +.Sh BUGS +If the process is able to change its working directory to the target +directory, but another access control check fails (such as a check for +open directories, or a MAC check), it is possible that this system +call may return an error, with the working directory of the process +left changed. -- cgit v1.1