mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 15:57:45 +00:00
Kernel: Add a basic chroot() syscall :^)
The chroot() syscall now allows the superuser to isolate a process into a specific subtree of the filesystem. This is not strictly permanent, as it is also possible for a superuser to break *out* of a chroot, but it is a useful mechanism for isolating unprivileged processes. The VFS now uses the current process's root_directory() as the root for path resolution purposes. The root directory is stored as an uncached Custody in the Process object.
This commit is contained in:
parent
944fbf507a
commit
ddd0b19281
7 changed files with 63 additions and 8 deletions
|
@ -229,6 +229,7 @@ public:
|
|||
int sys$futex(const Syscall::SC_futex_params*);
|
||||
int sys$set_thread_boost(int tid, int amount);
|
||||
int sys$set_process_boost(pid_t, int amount);
|
||||
int sys$chroot(const char* path, size_t path_length);
|
||||
|
||||
static void initialize();
|
||||
|
||||
|
@ -309,6 +310,9 @@ public:
|
|||
|
||||
u32 priority_boost() const { return m_priority_boost; }
|
||||
|
||||
Custody& root_directory();
|
||||
void set_root_directory(const Custody&);
|
||||
|
||||
private:
|
||||
friend class MemoryManager;
|
||||
friend class Scheduler;
|
||||
|
@ -369,6 +373,7 @@ private:
|
|||
|
||||
RefPtr<Custody> m_executable;
|
||||
RefPtr<Custody> m_cwd;
|
||||
RefPtr<Custody> m_root_directory;
|
||||
|
||||
RefPtr<TTY> m_tty;
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue