Re: Linux proc exploit

Richard Jones (rjones@imcl.com)
Thu, 27 Nov 1997 10:42:42 +0000


Alan Cox wrote:
>
> > What if we had per-process securelevel flag, inherited at fork etc., which
> > would make (f)suser return 0 every time for these processes?
>
> A simple hack to do this is to make suser() check you are not chrooted
> but you can equally have no root stuff in the chroot area

There was a discussion a while back on comp.security.unix (?)
about whether it was possible to allow chroot() for ordinary
users. The general conclusion seemed to be that it might
be possible so long as chroot'd processes are not permitted
to execute any suid programs. But there may be other nasty
security implications to this ... Can anyone think of any
objections? It would certainly be useful to allow, say, users'
cgi-bin scripts to chroot to a safe environment to reduce
security risks.

Chroot() is a very neat feature but because it is limited
to root only, it's not very widely used.

Rich.

-- 
Richard Jones  rjones@imcl.com  Tel: +44 171 460 6141  Fax: .. 4461
ABLE INmEDIA Ltd.  262a Fulham Rd.  London  SW10 9EL.  "you'll write in
PGP: www.four11.com     telegraphic, or you won't write at all" [Céline]
To send me email, please leave this line in your reply: RJ-AUTH-DHQJENBA