Re: [PATCH] sys_chroot() hook for additional chroot() jailsenforcing

From: Lorenzo Hernández García-Hierro
Date: Mon Feb 07 2005 - 18:45:00 EST

Next message: Dan Malek: "Re: question on symbol exports"
Previous message: Andrew Morton: "Re: [RFC][PATCH 2.6.11-rc3-mm1] Relay Fork Module"
In reply to: Serge E. Hallyn: "Re: [PATCH] sys_chroot() hook for additional chroot() jails enforcing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

El lun, 07-02-2005 a las 16:50 -0600, Serge E. Hallyn escribió:
> Hi,
>
> If I understood you correct earlier, the only policy you needed to
> enforce was to prevent double-chrooting. If that is the case, why is it
> not sufficient to keep a "process-has-used-chroot" flag in
> current->security which is set on the first call to
> capable(CAP_SYS_CHROOT) and inherited by forked children, after which
> calls to capable(CAP_SYS_CHROOT) are refused?
>
> Of course if you need to do more, then a hook might be necessary.

Yeah, checking that process is chrooted using the current macro and
denying if capable() gets it trying to access CAP_SYS_CHROOT it's the
way that vSecurity currently does it.

But the hook will have to handle some chdir enforcing that can't be done
with current hooks, I will explain it further tomorrow.

It's too late here ;)

Cheers,
--
Lorenzo Hernández García-Hierro <lorenzo@xxxxxxx>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

Attachment: signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmadadigitalmente

Next message: Dan Malek: "Re: question on symbol exports"
Previous message: Andrew Morton: "Re: [RFC][PATCH 2.6.11-rc3-mm1] Relay Fork Module"
In reply to: Serge E. Hallyn: "Re: [PATCH] sys_chroot() hook for additional chroot() jails enforcing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]