12.04 fails the same way. Note again that this is only in the case where we chroot before we pivot_root. This is done in lxc in the case where we find / is on a ramfs, which a special case usually on android systems.
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1377267 Title: On trusty I can break out of pivot_root chroot Status in “linux” package in Ubuntu: Incomplete Bug description: After doing a pivot_root, it should not be possible to use the standard well-known 'chroot escape' technique to escape back to the host root. However, Andrey Vagin found that on 14.04 that is in fact possible, if you first chroot. In 14.10, this is NOT possible. I've uploaded testscripts under http://people.canonical.com/~serge/chrootintoslave . Download the cis.* from there into a home directory in a clean vm, make them all executable, and run "./cis.maintest". I posted a similar set of scripts (just tweaking how the chroot+chdir are done after pivot_root) in http://people.canonical.com/~serge/chrootintoslave.2 - those have the same results on my system. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1377267/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
