[issue63] [PATCH] Added 'rpm-dbpath' option; enhanced chroot operations

Enrico Scholz at Labix Tracker tracker at labix.org
Mon Dec 26 06:20:57 PST 2005


Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> added the comment:

e.g. try

| # d=/tmp/foo
| # mkdir -p $d/var
| # ln -s /root $d/var/lib
| # smart -o rpm-root=$d update

--> it will create an 'rpm' directory in the host's /root directory. With some
other paths this might be used for attacks from within the chroot environment or
it might destroy functionality when such symlinks are used. And yes, secure
chroots are posssible; e.g. see Linux VServers, Solaris Zones or BSD jails.

'rpm-root' means "chroot". It's not possible to emulate a chroot environment
just by concatenating two paths (as in the current code). You have either to do
a real chroot(2), or a complicated chdir-by-pathcomponent walking.

_______________________________________
Labix issue tracker <tracker at labix.org>
<http://tracker.labix.org/issue63>
_______________________________________



More information about the Smart mailing list