Re: anyone tried chroot_safe?

To: debian-user <debian-user@lists.debian.org>
Subject: Re: anyone tried chroot_safe?
From: Joey Hess <joeyh@debian.org>
Date: Wed, 13 Oct 2004 15:07:12 -0400
Message-id: <[🔎] 20041013190712.GA18833@kitenet.net>
Mail-followup-to: debian-user <debian-user@lists.debian.org>
In-reply-to: <[🔎] 416D0A1C.7040508@iliana.nl>
References: <[🔎] 20041012195139.GA4920@yggdrasil.localdomain> <[🔎] 20041012200917.GB724@kitenet.net> <[🔎] 416D0A1C.7040508@iliana.nl>

Joost Witteveen wrote:
> Looking at the code, it seems as though chroot_safe simply uses the
> normal chroot() call; I would think the binary running would not be
> able to see the difference between `real' chroot and chroot_safe
> (and should thus not be able to exploit bugs in chroot_safe).

I'm thinking about a binary somehow managing to run code before the
LD_PRELOAD hooks take effect, by perhaps tricking the dynamic linker, or
overflowing a buffer in chroot_safe, or the like. Unlikely, for sure.

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- anyone tried chroot_safe?
  - From: Greg Norris <haphazard@kc.rr.com>
- Re: anyone tried chroot_safe?
  - From: Joey Hess <joeyh@debian.org>
- Re: anyone tried chroot_safe?
  - From: Joost Witteveen <joostje@iliana.nl>

Prev by Date: Re: big boot problem with sid i-386 installer
Next by Date: base-config net install not installing any packages
Previous by thread: Re: anyone tried chroot_safe?
Next by thread: Re: anyone tried chroot_safe?
Index(es):
- Date
- Thread