Re: Security patch for /proc

Alan Cox (alan@lxorguk.ukuu.org.uk)
Tue, 31 Mar 1998 13:10:44 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: Security patch for /proc"
Previous message: Shaw Carruthers: "Re: 2.0.91 bad more info"

> I'm not sure I agree with this approach -- perhaps root processes should
> not be allowed to use the mount() syscall if root_dir != real_root. The
> other main source of nastiness is ptrace() -- this needs to be banned in a
> similar manner. There are other ways root could escape a chroot()
> jail, we need to think about them and eliminate them one by one.

mkdir("x");
chroot("x");
chdir("../../../../../../../..");
chroot(".");

Let alone all the stuff like iopl() and loading modules that sysctl or
capabilities would need to cover first

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Alan Cox: "Re: Security patch for /proc"
Previous message: Shaw Carruthers: "Re: 2.0.91 bad more info"