[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sudo-users
Subject:    Re: [sudo-users] Using sudo in creating a chroot jail
From:       "Todd C. Miller" <Todd.Miller () courtesan ! com>
Date:       2004-09-16 17:03:47
Message-ID: 200409161703.i8GH3m3o011282 () xerxes ! courtesan ! com
[Download RAW message or body]

I would not use sudo for this, I would write a simple C program
that verifies the invoking user's passwd db entry has the program
as its shell, then runs chroot directly.  It would have to be setuid
root of course but since the only users able to run the program are
ones with it as their shell this is safe.

 - todd

[prev in list] [next in list] [prev in thread] [next in thread]