On Thu, Jul 01, 2010 at 02:47:59PM +0200, Bastian Blank wrote:
> Since some version, schroot mounts the complete /dev from the host. This
> is a security risk and not documented in the changelog.

I'll better document this. We now have a "minimal" (and "sbuild")
profile which do not mount /dev.

Previously, default/fstab would mount /dev, /dev/pts and /dev/shm so this
is not changed from earlier releases; however, rbinding /dev does mean
any filesystems mounted in addition to these three will be made available
inside the chroot.

For most users, there is no change at all to /dev mounting; do you have
any other filesystems mounted under /dev in addition to these three?

Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
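
One way to answer the closing question of the reply above on a given host, as an added example that is not part of the original message or of schroot: list every filesystem mounted under /dev other than /dev, /dev/pts and /dev/shm, since those are what a recursive bind of /dev would additionally expose inside the chroot. The function names and the sample mountinfo text are constructed for illustration.

```python
import os
import re

# The three mounts the reply says default/fstab has always provided.
EXPECTED = {"/dev", "/dev/pts", "/dev/shm"}

# Constructed sample in /proc/self/mountinfo format (not from a real host).
SAMPLE_MOUNTINFO = """\
21 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
22 21 0:5 / /dev rw,nosuid - devtmpfs udev rw,mode=755
23 22 0:12 / /dev/pts rw,nosuid,noexec - devpts devpts rw,gid=5,mode=620
24 22 0:17 / /dev/shm rw,nosuid,nodev - tmpfs tmpfs rw
25 22 0:18 / /dev/mqueue rw,relatime - mqueue mqueue rw
26 22 0:19 / /dev/hugepages rw,relatime shared:14 - hugetlbfs hugetlbfs rw
27 21 0:20 / /devel\\040tree rw,relatime - tmpfs tmpfs rw
"""


def _unescape(path):
    # mountinfo encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), path)


def extra_dev_mounts(mountinfo_text):
    """Return (mount_point, fstype, source) for mounts below /dev that are
    not one of the three expected ones."""
    extras = []
    for line in mountinfo_text.splitlines():
        fields = line.split()
        try:
            # Optional fields start at index 6 and end at a lone "-".
            sep = fields.index("-", 6)
        except ValueError:
            continue  # malformed or empty line
        if len(fields) < sep + 3:
            continue
        mount_point = _unescape(fields[4])
        # Require the "/dev/" prefix so "/devel tree" is not matched.
        if mount_point.startswith("/dev/") and mount_point not in EXPECTED:
            extras.append((mount_point, fields[sep + 1], fields[sep + 2]))
    return extras


if __name__ == "__main__":
    path = "/proc/self/mountinfo"
    text = open(path).read() if os.path.exists(path) else SAMPLE_MOUNTINFO
    for mount_point, fstype, source in extra_dev_mounts(text):
        print(f"{mount_point}\t{fstype}\t{source}")
```

Run on the host before entering the chroot; any line printed is a filesystem that the rbind of /dev carries into the chroot beyond the three previously mounted.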