acid_kewpie |
10-16-2008 07:03 AM |
TBH no I don't know. From the perspective of adding a risk there is the use of the chroot code which wouldn't be there without, I'm not sure if that actually does use the generic chroot functions or is an internal repimplementation, but it makes the overall solution more complex i guess. Within a chroot you have /home/user appear to be just /, so if there is a shared account you could easily have a user access /bin/passwd or such and actually access /home/user/bin/passwd.
|