[linux-user-chroot] docs: Update to note we do containers, but are mainly for build systems

From: Colin Walters <walters src gnome org>
To: commits-list gnome org
Cc:
Subject: [linux-user-chroot] docs: Update to note we do containers, but are mainly for build systems
Date: Tue, 1 Sep 2015 18:29:26 +0000 (UTC)

commit 032e952b05567db521a57d755cafe52728f47e05
Author: Colin Walters <walters verbum org>
Date:   Tue Sep 1 14:28:56 2015 -0400

    docs: Update to note we do containers, but are mainly for build systems

 doc/linux-user-chroot.8 |    3 ++-
 src/linux-user-chroot.c |   14 ++++++++------
 2 files changed, 10 insertions(+), 7 deletions(-)
---
diff --git a/doc/linux-user-chroot.8 b/doc/linux-user-chroot.8
index 20e61e5..1b64d50 100644
--- a/doc/linux-user-chroot.8
+++ b/doc/linux-user-chroot.8
@@ -32,7 +32,8 @@ linux\-user\-chroot \- safely allow normal users to chroot
 .IR ARGS...
 .SH DESCRIPTION
 .B linux\-user\-chroot
-is a tool meant for building software in a clean environment.
+is a setuid program that allows non-root users to safely use some Linux
+kernel container features.  It is primarily intended for use by build systems.
 The user needs to create a directory tree with the build dependencies needed,
 and only those,
 and then
diff --git a/src/linux-user-chroot.c b/src/linux-user-chroot.c
index e3f4d75..87d85b0 100644
--- a/src/linux-user-chroot.c
+++ b/src/linux-user-chroot.c
@@ -1,12 +1,14 @@
 /* -*- mode: c; tab-width: 2; indent-tabs-mode: nil -*-
  *
- * linux-user-chroot: A setuid program that allows non-root users to safely chroot(2)
+ * linux-user-chroot: A setuid program for non-root users to safely create containers
  *
- * "safely": I believe that this program, when deployed as setuid on a
- * typical "distribution" such as RHEL or Debian, does not, even when
- * used in combination with typical software installed on that
- * distribution, allow privilege escalation.  See the README for more
- * details.
+ * This program is primarily intended for use by build systems.
+ *
+ * Let me elaborate on "safely": I believe that this program, when
+ * deployed as setuid on a typical "distribution" such as RHEL or
+ * Debian, does not, even when used in combination with typical
+ * software installed on that distribution, allow privilege
+ * escalation.  See the README for more details.
  *
  * Copyright 2011,2012,2015 Colin Walters <walters verbum org>
  *

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]