This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug build/22339] support/support_can_chroot.c (support_can_chroot): Should call chdir("/");

From: "carlos at redhat dot com" <sourceware-bugzilla at sourceware dot org>
To: glibc-bugs at sourceware dot org
Date: Tue, 09 Apr 2019 05:05:32 +0000
Subject: [Bug build/22339] support/support_can_chroot.c (support_can_chroot): Should call chdir("/");
Auto-submitted: auto-generated
References: <bug-22339-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=22339

--- Comment #4 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Florian Weimer from comment #3)
> I think the warning itself is harmful.  chroot is not a security feature, so
> whether you do a chdir afterwards or not does not matter.

Why do you think the warning is harmful?

I agree chroot is not a security feature.

I'm suggesting the issue is simply a logical one, that chroot does not change
the current working directory.

Is it good practice, or not, to always issue a chdir("/"); after a chroot?

Should we do it in this case?

The fact that it silences a warning from a scanner is one consideration.

> This is just another bogus warning from a tool that also tells users to set
> umask before calling mkstemp, actually *introducing* bugs.

That is not relevant to this bug.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]