
Re: apt-get and The_User



Ethan Benson <erbenson@alaska.net> writes:

> That would probably work, but another reason is simply that if
> chroot() is not privileged then any chrooted daemon/user could easily
> break out of a chroot jail.
> 
> IIRC this works by opening a directory, say /foo, where /foo is
> really a chroot at /home/foo; the user can then chroot to /foo/bar,
> and use the open descriptor on /foo to break out of the chroot
> entirely.
> 
> I think I got that partly wrong but that's the basic idea I read
> somewhere.

I'm a little confused about your example; maybe I've misunderstood it,
but I think you're incorrect.

Any program which is chrooting into a jail must also make sure there
are no open file descriptors to things that might let the user out;
notably, if the system has an fchdir syscall.  

Thomas
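
The precaution described in the reply above, closing directory descriptors before chrooting, as an added C example that is not part of the original message. The helper names `close_dir_fds` and `enter_jail` and the scan cap of 65536 are assumptions made for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* exposes chroot() and setgroups() on glibc */
#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Close every open descriptor >= lowfd that refers to a directory and
 * return how many were closed. A directory descriptor that survives
 * chroot() still names a location outside the new root. */
int close_dir_fds(int lowfd)
{
    long max = sysconf(_SC_OPEN_MAX);
    int closed = 0;
    if (max < 0 || max > 65536)
        max = 65536;               /* assumed cap on the scan range */
    for (int fd = lowfd; fd < max; fd++) {
        struct stat st;
        if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode) && close(fd) == 0)
            closed++;
    }
    return closed;
}

/* Hypothetical helper: enter the jail, then give up root so the process
 * can no longer call the privileged chroot() itself. 0 on success, -1 on error. */
int enter_jail(const char *jail, uid_t uid, gid_t gid)
{
    if (chdir(jail) != 0) return -1;       /* cwd must be inside the jail */
    close_dir_fds(0);                      /* no directory handles carried in */
    if (chroot(".") != 0) return -1;
    if (chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    return 0;
}

int main(void)
{
    int fd = open("/", O_RDONLY);          /* constructed stray directory fd */
    printf("opened fd %d, closed %d directory descriptor(s)\n",
           fd, close_dir_fds(3));
    return 0;
}
```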


