vserver Howto/FAQ

Howto index

Is a chroot() environment really unbreakable

Since the kernel 2.4.17ctx-6, all issues with chroot are now plugged. root inside a vserver, even with the CAP_SYS_CHROOT capability can't escape out.

Here are the usual tricks used to escape a chroot environment.

So it seems chroot() is safe. Anyone has more information about this ?