Re: chrooting daemons no longer supported?
On Sat, Sep 12, 2009 at 06:43:24PM +0000, Florian Weimer wrote:
> The reason is that more and more libc features depend on availability
> of /proc. This means that you have to mount /proc within the chroot,
> which somewhat defeats the exercise of chrooting.
Yes. You also might need /sys and /dev depending upon what you
are doing. libc support files and NSS modules might also be
needed; setting up a correctly functioning chroot can be hard
nowadays, since there are all these details.
This is the reason I made schroot mount /proc, /sys and bind mount
/dev by default.
> On the other hand,
> it's not totally clear that chrooting is an effective defense anyway
> (I haven't got enough attack data to make a qualified judgment).
It's only virtualising the filesystem. Devices, shared memory,
semaphores, open files etc. are still shared with the host, so it's
only providing minimal protection.
> So what's the response to bugs like #545808? /proc-less chroots are
> simply unsupported?
IME, yes. OTOH, I think that GNU libc should not be completely
reliant upon /proc or /sys, and should make a best effort to
function correctly in its absence.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.
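Roger's point that a working chroot now needs /proc, /sys and /dev mounted plus the NSS configuration and modules copied in is easy to get wrong by hand. The following POSIX shell script is an added example, not code from this thread or from schroot: it audits a chroot directory and reports which of those pieces are missing, so the gaps are found before a daemon is started inside it. It assumes Linux (/proc/self/mountinfo is used to decide whether something is mounted) and the usual library directories (lib, lib64, usr/lib) for the libnss_files module; the function and variable names are the author's own.

```shell
#!/bin/sh
# Added example: audit a chroot directory for the mounts and NSS files a
# modern glibc expects (see the discussion above). Not part of schroot.

# is_mounted DIR: return 0 if DIR is a mount point in this mount namespace.
# Field 5 of /proc/self/mountinfo is the mount point. If /proc itself is not
# available here, nothing can be verified, so we conservatively say "not mounted".
is_mounted() {
    [ -r /proc/self/mountinfo ] || return 1
    awk -v mp="$1" '$5 == mp { found = 1 } END { exit !found }' /proc/self/mountinfo
}

# chroot_missing ROOT: print one line per missing requirement.
# Returns 0 when everything is present, 1 when something is missing,
# 2 when ROOT is not a directory.
chroot_missing() {
    root=$(cd "$1" 2>/dev/null && pwd -P) || { echo "no such directory: $1"; return 2; }
    case $root in /) root= ;; esac      # avoid "//proc" when auditing the host root
    missing=0

    # Kernel pseudo-filesystems and device nodes that libc and daemons rely on.
    for sub in proc sys dev; do
        if ! is_mounted "$root/$sub"; then
            echo "missing mount: $root/$sub"
            missing=1
        fi
    done

    # NSS configuration: without these, user/group lookups inside the chroot fail.
    for f in etc/nsswitch.conf etc/passwd etc/group; do
        if [ ! -f "$root/$f" ]; then
            echo "missing file: $root/$f"
            missing=1
        fi
    done

    # NSS modules are dlopen()ed at runtime, so libnss_files must live inside the chroot.
    if ! find "$root/lib" "$root/lib64" "$root/usr/lib" -name 'libnss_files.so*' 2>/dev/null | grep -q .; then
        echo "missing NSS module: libnss_files.so* under $root/{lib,lib64,usr/lib}"
        missing=1
    fi

    return $missing
}

# Usage: chroot_missing /srv/chroot/mydaemon && echo "chroot looks complete"
```

Run it as the user that will set up the chroot; a non-zero exit lists exactly what to bind-mount or copy in. The mount check reads the caller's own mount namespace, so it must be run from the host side, not from inside the chroot.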