Name

PRXY-531 — Application cannot change its root directory if not started by root

Severity

C (critical)

Message text

Not running as root, cannot change root directory

Description

It is possible to run an application in the so-called chroot environment. A directory is chosen to be a new root directory for the application. This effectively restricts the application into a subtree of the file system tree and disables access to all files outside the subtree.

If chroot operation is requested, the application must be started by root. Otherwise application logs this message and terminates.

See also

logging(7)

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2023 Trusted Network Solutions, a. s.
All rights reserved.