> On Tue, 31 Mar 1998, Chris Evans wrote:
>
> >
> > On Tue, 31 Mar 1998, Jeremy Fitzhardinge wrote:
> >
> > > Hi all,
> > >
> > > Here's a patch which prevents chrooted processes from escaping from
> > > their chrooted area via /proc.
> >
> > Hi,
> >
> > I'm not sure I agree with this approach -- perhaps root processes should
> > not be allowed to use the mount() syscall if root_dir != real_root. The
> > other main source of nastiness is ptrace() -- this needs to be banned in a
> > similar manner. There are other ways root could escape a chroot()
> > jail, we need to think about them and eliminate them one by one.
> - mknod()
>
> Other are not that nasty, but still nasty:
> - bind(): the lower ports are reserved to root, so another box may trust
> that a connection is coming from a system program, and not a
> user process.
It would be really nice if the stuff atatched to the lower ports didn't
need to be root. That is the only place I've ever had my system
broken into from. Wasn't even that old of a system. (redhat 4.2)
Gerhard
-- Gerhard Mack gmack@imag.net innerfire@starchat.netAs a computer I find your faith in technology amusing.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu