Date: Mon, 27 Sep 1999 19:04:19 -0500 From: TrouBle <trouble@hackfurby.com> To: Carol Deihl <carol@tinker.com> Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: chroot could chdir? (was Re: about jail) Message-ID: <37F00602.96D098D3@hackfurby.com> References: <199909251302.RAA58030@grendel.sovlink.ru> <19990925171712.A80535@zenon.net> <37EEA27E.244DCF9A@tinker.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ummm sorry but i think you have goten this backwards it is more secure to chdir, then chrrot, not chroot then chdir.... I believe what you have here is backwards > > As we all know, the chroot can be escaped because the sample > program doesn't change the current working directory, and it's > still pointing outside the chrooted area. > > What if chroot itself chdir'ed to it's new root directory? Would > this break existing programs? I'd expect that well-behaved > programs would chdir someplace useful before continuing anyway. > > At the very end of chroot(), could it just > vrele(fdp->fd_cdir); > fdp->fd_cdir = nd.ni_vp; > before it returns, setting the current dir to the same place it > just chrooted to? > > Carol > -- > Carol Deihl - principal, Shrier and Deihl - mailto:carol@tinker.com > Remote Unix Network Admin, Security, Internet Software Development > Tinker Internet Services - Superior FreeBSD-based Web Hosting > http://www.tinker.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37F00602.96D098D3>