Is it possible to define the root directory in a cross compiled program
Bill Stewart
bstewart@iname.com
Tue Jan 5 15:02:16 GMT 2021
On Tue, Jan 5, 2021 at 6:34 AM Eliot Moss wrote:
> Is there a Windows equivalent to chroot (either the program or the library/system call)?
See: https://cygwin.com/cygwin-ug-net/highlights.html
Quoting:
"Chroot is supported. Kind of. Chroot is not a concept known by
Windows. This implies some serious restrictions. First of all, the
chroot call isn't a privileged call. Any user may call it. Second, the
chroot environment isn't safe against native windows processes. Given
that, chroot in Cygwin is only a hack which pretends security where
there is none. For that reason the usage of chroot is discouraged.
Don't use it unless you really, really know what you're doing."
What I have found is that the cygwin chroot is not a security boundary
(it seems it is possible for an account to "escape" from the "chroot
jail"). However, whatever account is being used by the cygwin process
is still subject to its rights/permissions in Windows (i.e.,
"escaping" from a "chroot jail" does not give additional rights and/or
permissions to an account that it didn't have before).
Bill
More information about the Cygwin
mailing list