> > I don't have any ideas offhand of how this could be fixed. > > It's easier than that; you can just directly ask the proc server for > the global system root.
One can proxy the proc server. > The Hurd doesn't have Unixy chroots by design, but you can make a > subhurd which you can't break out of. That's the correct way to solve > the problems that Unix solves with chroot. I'm not suggesting that we should fix Unix's chroot with our chroot. However, there are a fair number of programs (namely daemons) which understand the security holes and are able, nevertheless, to take advantages of Unix's chroot behavior. The fact that our chroot is less secure than Unix's deserves, I think, at least a caveat. Thanks, Neal _______________________________________________ Bug-hurd mailing list Bug-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/bug-hurd
