RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 21:37:36 +00:00
Code Issues Activity Actions

Kernel: Add a basic chroot() syscall :^)

Browse source 
The chroot() syscall now allows the superuser to isolate a process into
a specific subtree of the filesystem. This is not strictly permanent,
as it is also possible for a superuser to break *out* of a chroot, but
it is a useful mechanism for isolating unprivileged processes.

The VFS now uses the current process's root_directory() as the root for
path resolution purposes. The root directory is stored as an uncached
Custody in the Process object.
This commit is contained in:
Andreas Kling 2020-01-10 23:14:04 +01:00
parent 944fbf507a
commit ddd0b19281
7 changed files with 63 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Libraries/LibC/unistd.h
View file

@ -51,6 +51,7 @@ int execvpe(const char* filename, char* const argv[], char* const envp[]);
int execvp(const char* filename, char* const argv[]);
int execl(const char* filename, const char* arg, ...);
int execlp(const char* filename, const char* arg, ...);
int chroot(const char* path);
void sync();
void _exit(int status);
pid_t getsid(pid_t);