Move the magic list of commands needing cleanup from toys/pending/README

to greppable TODO annotations in the individual files. (grep -riw TODO)
author: Rob Landley <rob@landley.net> 2015-05-31 05:11:28 -0500
committer: Rob Landley <rob@landley.net> 2015-05-31 12:12:35 -0500
commit: f033f8607f156464747abe57487c1f6226f94001 (patch)
tree: a6df1d5b20e886662c29dd422fcef344f12955d5 /toys/other/chroot.c
parent: 42cc29c7883c852462c6c740c72eff06bca8accc (diff)
download: toybox-f033f8607f156464747abe57487c1f6226f94001.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/toys/other/chroot.c b/toys/other/chroot.c
index e82dd803..4260d98f 100644
--- a/toys/other/chroot.c
+++ b/toys/other/chroot.c
@@ -1,6 +1,11 @@
 /* chroot.c - Run command in new root directory.
  *
  * Copyright 2007 Rob Landley <rob@landley.net>
+ *
+ * TODO: The test for root is "==" so root can trivially escape a chroot by
+ * moving it below cwd, ala mkdir("sub"); chroot("sub"); chdir("../../../..")
+ * The container guys use pivot_root() to deal with this, which does actually
+ * edit mount tree. (New option? Kernel patch?)
 
 USE_CHROOT(NEWTOY(chroot, "^<1", TOYFLAG_USR|TOYFLAG_SBIN))
author	Rob Landley <rob@landley.net>	2015-05-31 05:11:28 -0500
committer	Rob Landley <rob@landley.net>	2015-05-31 12:12:35 -0500
commit	f033f8607f156464747abe57487c1f6226f94001 (patch)
tree	a6df1d5b20e886662c29dd422fcef344f12955d5 /toys/other/chroot.c
parent	42cc29c7883c852462c6c740c72eff06bca8accc (diff)
download	toybox-f033f8607f156464747abe57487c1f6226f94001.tar.gz