ostbuild: Clarify "safely" for user-chroot

author Colin Walters <walters@verbum.org>

Tue, 6 Dec 2011 19:39:30 +0000 (14:39 -0500)

committer Colin Walters <walters@verbum.org>

Tue, 6 Dec 2011 19:39:30 +0000 (14:39 -0500)
author Colin Walters <walters@verbum.org>
Tue, 6 Dec 2011 19:39:30 +0000 (14:39 -0500)
committer Colin Walters <walters@verbum.org>
Tue, 6 Dec 2011 19:39:30 +0000 (14:39 -0500)
diff --git a/src/ostbuild/ostbuild-user-chroot.c b/src/ostbuild/ostbuild-user-chroot.c

index c75654a5989d8aa5e0ca99087fbe1671e0b0097b..6781b388d9a4a91ecdfcfa4157d779130150fe79 100644 (file)
--- a/src/ostbuild/ostbuild-user-chroot.c
+++ b/src/ostbuild/ostbuild-user-chroot.c
@@ -2,6 +2,11 @@
   *
   * user-chroot: A setuid program that allows non-root users to safely chroot(2)
   *
+ * "safely": I believe that this program, when deployed as setuid on a
+ * typical "distribution" such as RHEL or Debian, does not, even when
+ * used in combination with typical software installed on that
+ * distribution, allow privilege escalation.
+ *
   * Copyright 2011 Colin Walters <walters@verbum.org>
   *
   * This program is free software; you can redistribute it and/or modify
author	Colin Walters <walters@verbum.org>
	Tue, 6 Dec 2011 19:39:30 +0000 (14:39 -0500)
committer	Colin Walters <walters@verbum.org>
	Tue, 6 Dec 2011 19:39:30 +0000 (14:39 -0500)