aboutsummaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
authorHarald van Dijk <harald@gigawatt.nl>2015-02-13 16:05:49 +0000
committerEelco Dolstra <eelco.dolstra@logicblox.com>2015-02-16 12:18:19 +0100
commit5451b8db9db7dabb46e9f1966d72406c9da271a9 (patch)
treefa2cbd50139aefeb7a20309212a5f0ecc620e027 /configure.ac
parentb0bad3e61568419d497aaa11ede7afdf7ac4339c (diff)
Use pivot_root in addition to chroot when possible
chroot only changes the process root directory, not the mount namespace root directory, and it is well-known that any process with chroot capability can break out of a chroot "jail". By using pivot_root as well, and unmounting the original mount namespace root directory, breaking out becomes impossible. Non-root processes typically have no ability to use chroot() anyway, but they can gain that capability through the use of clone() or unshare(). For security reasons, these syscalls are limited in functionality when used inside a normal chroot environment. Using pivot_root() this way does allow those syscalls to be put to their full use.
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac1
1 files changed, 1 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index be77975bd..756b2f227 100644
--- a/configure.ac
+++ b/configure.ac
@@ -87,6 +87,7 @@ AC_CHECK_HEADERS([sys/mount.h], [], [],
# include <sys/param.h>
# endif
])
+AC_CHECK_HEADERS([sys/syscall.h])
# Check for lutimes, optionally used for changing the mtime of