Re: [off-topic?] Chrooting ssh/telnet users?
Rishi L Khan <rishi@UDel.Edu> writes:
> I think the only way to accomplish a chroot IS to include all the files
> in the jail that the user needs.
[snip]
Yes. Somehow, if you're going to run something, it needs to be in the jail.
Various alternatives to consider for various reasons: busybox, rbash,
sash.
What would be nice would be a union-mount, so you could graft a "real" /bin
on top of /home/foo/bin, and so on. I'm not sure that `mount --bind' is the
same thing?
FWIW I had to implement a chroot-jailed login for someone recently; if
anyone's interested, my attempts at the relevant C, nicked in part from the
appropriate manpages, are to be found below.
There is sufficient jiggery-pokery with arg{c,v} in here to allow
ssh restricteduser@box "cat > foofile" < localfoofile
to transfer a file, but not to make scp work. (Don't ask me; don't take
this code as professional, bug-free, exploit-free or generally anything
other than rubbish, but it compiles, and it works.)
~Tim
--
no se encuentra el sistema operativo |piglet@stirfried.vegetable.org.uk
(seen mid-windows 98 installation) |http://spodzone.org.uk/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>          /* waitpid() */

#define NOBODY   (1999)
#define ROOTPATH "/where/ever/"

/* Run the jailed shell with an empty environment instead of inheriting
 * the caller's. */
static char *const empty_env[] = { NULL };

int my_system (const char *command) {
    pid_t pid;
    int status;

    if (!command)
        return 1;
    pid = fork();
    if (pid == -1)
        return -1;
    if (!pid) {
        char *argv[4];
        argv[0] = "sh";
        argv[1] = "-c";
        argv[2] = (char *)command;   /* execve() wants char *const [] */
        argv[3] = 0;
        execve("/bin/sh", argv, empty_env);
        exit(127);
    }
    do {
        if (waitpid(pid, &status, 0) == -1) {
            if (errno != EINTR)
                return -1;
        } else
            return status;
    } while (1);
}

int main (int argc, char *argv[])
{
    int t = 0, i = 0;
    char *cmd;

    /* If chroot() or the chdir() into the jail fails, stop here: carrying
     * on would run bash as root on the real filesystem. */
    if (chroot(ROOTPATH) != 0) {
        fprintf(stderr, "Chroot error: %d, [%s]\n", errno, strerror(errno));
        return 1;
    }
    if (chdir("/home/someplace") != 0) {
        fprintf(stderr, "chdir error: %d, [%s]\n", errno, strerror(errno));
        return 1;
    }
    /* Drop the group before the user: once we are no longer root, setgid()
     * fails and we would keep root's gid. From root, setgid()/setuid() set
     * the real, effective and saved ids, so no separate seteuid()/setegid()
     * calls are needed. */
    if (setgid(NOBODY) != 0 || setuid(NOBODY) != 0) {
        fprintf(stderr, "Cannot drop privileges: %s\n", strerror(errno));
        return 1;
    }
#if 0
    fprintf(stderr, "Changed id: U%d G%d EU%d EG%d\n", getuid(), getgid(),
            geteuid(), getegid());
#endif
    /* Room for every argument plus its trailing space, the "/bin/bash -c "
     * prefix and the terminating NUL. */
    for (i = 1; i < argc; i++)
        t += strlen(argv[i]) + 1;
#if 0
    printf("Combined total: %d\n", t);
#endif
    cmd = malloc(t + sizeof("/bin/bash -c "));
    if (!cmd)
        return 1;
    strcpy(cmd, "/bin/bash ");
    if (argc > 1)
        strcat(cmd, "-c ");
    for (i = 1; i < argc; i++) {
        strcat(cmd, argv[i]);
        strcat(cmd, " ");
    }
#if 0
    printf("Built string [%s]\n", cmd);
#endif
    my_system(cmd);
    free(cmd);
    return 0;
}