Re: apt-get and The_User

To: Remco Blaakmeer <remco-blaakmeer@quicknet.nl>
Cc: xsdg <xsdg@softhome.net>, debian-devel@lists.debian.org
Subject: Re: apt-get and The_User
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 02 Dec 2000 22:35:54 -0800
Message-id: <[🔎] 87ofyuvwol.fsf@becket.becket.net>
In-reply-to: Remco Blaakmeer's message of "Sun, 3 Dec 2000 01:03:54 +0100 (CET)"
References: <[🔎] Pine.LNX.3.96.1001203000238.10084B-100000@qn-195-66-31-144.quicknet.nl>

Remco Blaakmeer <remco-blaakmeer@quicknet.nl> writes:

> In what way would chroot elevate privileges for a non-root user?

The standard example works something like this, supposing I can write
the directory "foo":

mkdir foo/{bin,etc}
ln /bin/su foo/bin/su
ln /bin/bash foo/bin/bash
ln /etc/halt foo/bin/halt
echo "root::0:0:root:/:/bin/bash" > foo/etc/passwd
chroot foo su -c halt

In other words, setuid programs very very frequently rely on the
authenticity of certain files they find with absolute pathnames, and
if chroot could defeat that, there would be a security hole, so when
BSD added chroot, they made sure it was restricted to root.

The Hurd takes a different tack out: anybody can do chroot, but a
setuid program always has a root directory of the real system root,
not the one inherited from the parent.

Thomas

Reply to:

Follow-Ups:
- Re: apt-get and The_User
  - From: Paul Slootman <paul@murphy.nl>

References:
- Re: apt-get and The_User
  - From: Remco Blaakmeer <remco-blaakmeer@quicknet.nl>

Prev by Date: Re: ITP plex86, if it complies to DFSG
Next by Date: Re: apt-get and The_User
Previous by thread: Re: apt-get and The_User
Next by thread: Re: apt-get and The_User
Index(es):
- Date
- Thread