Complexity
Complexity
Posted Mar 25, 2013 18:46 UTC (Mon) by luto (subscriber, #39314)In reply to: Complexity by dlang
Parent article: Anatomy of a user namespaces vulnerability
Chrooting to an empty, unwritable directory, closing fds and dropping privileges denies useful filesystem access. A kernel that suddenly changes that is not okay and should be fixed. (And that's one of the bugs I found. Guess I might as well make the whole thing public.)