lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.61.0709260906080.31286@chaos.analogic.com>
Date:	Wed, 26 Sep 2007 09:18:04 -0400
From:	"linux-os \(Dick Johnson\)" <linux-os@...logic.com>
To:	"David Newall" <david@...idnewall.com>
Cc:	"Olivier Galibert" <galibert@...ox.com>,
	"Kyle Moffett" <mrmacman_g4@....com>,
	"Adrian Bunk" <bunk@...nel.org>,
	"Alan Cox" <alan@...rguk.ukuu.org.uk>,
	"Serge E. Hallyn" <serge@...lyn.com>,
	"Bill Davidsen" <davidsen@....com>,
	"Philipp Marek" <philipp@...ek.priv.at>, <7eggert@....de>,
	"majkls" <majkls@...pere.com>, <bunk@...tum.de>,
	<linux-kernel@...r.kernel.org>
Subject: Re: Chroot bug


On Wed, 26 Sep 2007, David Newall wrote:

> Olivier Galibert wrote:
>> chroot does not allow you to walk out if you're in.
>
> You're mistaken.  Or more properly, further use of chroot lets you walk
> out.  This really has been said before, and before, and before.
>
>    chroot("subtree");   // enter chroot
>    chdir("/");    // now at subtree
>    chroot("/tmp");   // now outside of chroot
>
>
> BSD redefined chroot so that the working directory is set to the new
> root on subsequent uses of chroot; that's how they solved the bug.

I don't know that the so-called requirements are, but if you
have a distribution tree mounted on /mnt and you perform the
following operations:

cd /mnt
chroot . bin/bash

That shell, will not leave the new root until it exits or
executes `chroot`. I've tried the "tricks" about mounting
/proc and changing to 'cwd' of init, etc. However, your
new root needs to NOT have the chroot utility available
and/or the system call needs to be removed or trapped
in the runtime library of the new root, because, quite
obviously, a root process can do anything it wants.
That's how Unix was designed. So, if you don't want
somebody to get out of your 'jail' don't provide
the keys. It's clearly not a kernel issue.


Cheers,
Dick Johnson
Penguin : Linux version 2.6.22.1 on an i686 machine (5588.29 BogoMips).
My book : http://www.AbominableFirebug.com/
_


****************************************************************
The information transmitted in this message is confidential and may be privileged.  Any review, retransmission, dissemination, or other use of this information by persons or entities other than the intended recipient is prohibited.  If you are not the intended recipient, please notify Analogic Corporation immediately - by replying to this message or by sending an email to DeliveryErrors@...logic.com - and destroy all copies of this information, including any attachments, without reading or disclosing them.

Thank you.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ