RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-05-31 18:18:12 +00:00
Code Issues Activity Actions

Kernel: Add a basic chroot() syscall :^)

Browse source 
The chroot() syscall now allows the superuser to isolate a process into
a specific subtree of the filesystem. This is not strictly permanent,
as it is also possible for a superuser to break *out* of a chroot, but
it is a useful mechanism for isolating unprivileged processes.

The VFS now uses the current process's root_directory() as the root for
path resolution purposes. The root directory is stored as an uncached
Custody in the Process object.
This commit is contained in:
Andreas Kling 2020-01-10 23:14:04 +01:00
parent 944fbf507a
commit ddd0b19281
7 changed files with 63 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Libraries/LibC/unistd.cpp
View file

@ -617,4 +617,14 @@ int get_process_name(char* buffer, int buffer_size)
int rc = syscall(SC_get_process_name, buffer, buffer_size);
__RETURN_WITH_ERRNO(rc, rc, -1);
}
int chroot(const char* path)
{
if (!path) {
errno = EFAULT;
return -1;
}
int rc = syscall(SC_chroot, path, strlen(path));
__RETURN_WITH_ERRNO(rc, rc, -1);
}
}