From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <corinna@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2155)
	id DD6F53858D38; Mon, 28 Aug 2023 08:50:51 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org DD6F53858D38
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1693212651;
	bh=GFBYKCKlCgLVgPr9+6qtmaEwkuPPMjDtygreGxJ2gsQ=;
	h=Date:From:To:Subject:Reply-To:References:In-Reply-To:From;
	b=t8wXWkMmNeBg8dc6TuBj0Va2s0aOU7VhjugZNH+0vWJjCcuW3lJIyO0A4YTpGeS5Z
	 vbilrjhP/68OFYEq/ame6nA7h2DxLmL8gKyS5MPFxg+3tsM4NHBTX+dgLYvTJrLUTx
	 ggc2yGKFeKjD0lfvD4BQTw/hTI2sxjZq1gNlwpLM=
Received: by calimero.vinschen.de (Postfix, from userid 500)
	id 03CBEA80D23; Mon, 28 Aug 2023 10:50:49 +0200 (CEST)
Date: Mon, 28 Aug 2023 10:50:49 +0200
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: process substitution to create a virtual file doesn't work in
 chroot environment
Message-ID: <ZOxf6QOIRAciCVE6@calimero.vinschen.de>
Reply-To: cygwin@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
References: <CAEF1h+XMtnd0_28cLNnEB2Q+XAxXE3VMZtXh9LLQzeP7n-fAJw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CAEF1h+XMtnd0_28cLNnEB2Q+XAxXE3VMZtXh9LLQzeP7n-fAJw@mail.gmail.com>
List-Id: <cygwin.cygwin.com>

On Aug 27 18:13, Cary Lewis via Cygwin wrote:
> In a cygwin process that is started either from mintty or bash directly the
> following:
> 
> $ user=234
> 
> $ ./cat <(echo $user)
> 234
> works as expected.
> 
> But after a chroot:

>From https://cygwin.com/cygwin-ug-net/highlights.html:

  chroot is supported. Kind of. Chroot is not a concept known by
  Windows. This implies some serious restrictions. First of all, the
  chroot call isn't a privileged call. Any user may call it. Second, the
  chroot environment isn't safe against native windows processes.  Given
  that, chroot in Cygwin is only a hack which pretends security where
  there is none. For that reason the usage of chroot is discouraged.
  Don't use it unless you really, really know what you're doing.

> $ chroot . ./bash
> user=234
> $  ./cat <(echo $user)
> ./cat: /dev/fd/63: No such file or directory
> 
> In the directory I am chrooting in, I created a tmp folder, as well as
> proc, proc/self, and proc/self/fd, and a dev directory.
> 
> Can someone explain why process substitution to create a virtual file
> doesn't work in a chroot environment?

/dev/fd is a symlink pointing into nirvana after using chroot.

/dev/fd symlinks to /proc/self/fd, but in the chroot'ed environment
there's no /proc anymore.

I would like to underline what is written in the above Cygwin
documentation snippet:

The chroot implementation is old, bad, and deprecated.  I was going
to rip it out entirely for I don't know how often already, but there
was always somebody asking to keep it.  Given that it never did what
chroot is intended, don't use it.


Corinna