Commit 032e952b authored by Colin Walters's avatar Colin Walters

docs: Update to note we do containers, but are mainly for build systems

parent add40469
......@@ -32,7 +32,8 @@ linux\-user\-chroot \- safely allow normal users to chroot
.IR ARGS...
.SH DESCRIPTION
.B linux\-user\-chroot
is a tool meant for building software in a clean environment.
is a setuid program that allows non-root users to safely use some Linux
kernel container features. It is primarily intended for use by build systems.
The user needs to create a directory tree with the build dependencies needed,
and only those,
and then
......
/* -*- mode: c; tab-width: 2; indent-tabs-mode: nil -*-
*
* linux-user-chroot: A setuid program that allows non-root users to safely chroot(2)
* linux-user-chroot: A setuid program for non-root users to safely create containers
*
* "safely": I believe that this program, when deployed as setuid on a
* typical "distribution" such as RHEL or Debian, does not, even when
* used in combination with typical software installed on that
* distribution, allow privilege escalation. See the README for more
* details.
* This program is primarily intended for use by build systems.
*
* Let me elaborate on "safely": I believe that this program, when
* deployed as setuid on a typical "distribution" such as RHEL or
* Debian, does not, even when used in combination with typical
* software installed on that distribution, allow privilege
* escalation. See the README for more details.
*
* Copyright 2011,2012,2015 Colin Walters <walters@verbum.org>
*
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment