chroot()'s history, and my blind spot about System III
In a comment on my entry on
Greg A. Woods noted that System III is the first Unix where
actually prevents your process from just doing
escape the new root directory. System III predates 4.x BSD, so I
was more or less wrong in my entry on this.
Only in the BSD line was 4.1c the starting point for this bit of
chroot() security. System III source code is even available
online here, so I
could have checked and seen this myself if I'd thought of it.
I didn't, though, and that's because I have a blind spot about System III. For a long time Unix was split into two sides, which I'll call the university side and the commercial side. BSD and all of its descendents come from the university side; System III and then System V came from the commercial side. The university side dominated both in universities themselves and in Sun and DEC workstations that more or less derived from that environment, while the commercial side mostly wound up in high end big iron servers.
(SGI was an odd case; it was System V derived but had a bunch of BSD stuff added. This caused a certain amount of heartburn in people who dealt with it.)
Although I've used System V machines, in cultural terms I come from
the university side of Unix; it's what I have the most exposure to,
what I'm most familiar with, and as a result it's what I reflexively
think of as 'real Unix'. In other words, it's a tribal affiliation.
With a few exceptions I tend to just assume that BSD did something
first and best, and that System V had a lot of hacks.
So when I was looking at the history of
chroot(), I didn't pay a
lot of attention to System III; I didn't really look to see the
chroot() in it, and I didn't actually look at its release
date (which is surprisingly early).
(It looks like System III and information about it probably wasn't
publicly available early enough to influence BSD's
but it's at least possible I'm wrong here and that hearing about
chroot() security in System III helped push BSD to implement it.)
This is, of course, kind of a mistake. System III and later System
V had their own innovations,
chroot() security among them, and I
shouldn't dismiss their contributions to Unix so reflexively and
tribally (even if AT&T too often had terrible ideas there).