On 8/17/19 4:35 AM, Ulrich Mueller wrote:
>>>>>> On Sat, 17 Aug 2019, Michael Orlitzky wrote
>
> Same for the "sshd" user, which IIRC chroots to /var/empty, but must
> not (be able to) write to that dir.
>

OpenSSH is configurable in this regard, but this was a prescient
example. OpenNTPd has a similar ./configure option for its chroot
directory -- and then ignores it and chroots to $HOME anyway.

In cases like that, probably the best we can do is to use a "unique"
user and home directory, insofar as we can do that.

I'll keep it in mind as a counterexample when writing the devmanual patch.