> Hi Ed,
> Quoting Ed W <firstname.lastname@example.org>:
>> If I have my chroot barrier set on /vserver and then bind mount (for
>> some reason) something from /var/xxx into a vserver, does this then
>> offer an (accidental) way to break out of the chroot using some kind of
>> ".." attack on the bind mount?
Bind mounts are safe. .. is relative to the mount-tree, and the fact that
it's a bind mount shouldn't matter.
> I don't think mounting another device poses a big _additional_ security
> But, if you are concerned about breaking out of virtual hosts, than
> you probably have other worries, as virtual servers are not meant for
> security purposes.
Uhhh, what? That's exactly what they're meant for.
> Best regards,
-- Daniel Hokka ZakrissonReceived on Mon Nov 19 16:56:23 2007