Firewall Wizards mailing list archives
Re: chroot useful?
From: Darren Reed <darrenr () cyber com au>
Date: Fri, 14 Nov 1997 13:55:23 +1100 (EST)
In some mail I received from Douglas R. Steinbaum, sie wrote
Regarding the comment made by Steve Bellovin (pasted at the end of this message): I was under the impression that running the chroot() command on a UNIX box would make it impossible for all subsequently launched programs to access files located above the newly defined root point, even if such programs are launched with a UID of 0. Thus, the command could be used as a simple "wrapper" to prevent a user application program which is not completely trusted (for example, a commercial SW package for which source code is unavailable) from being misused to access critical system files. That is, chroot could be run to define the root point such that critical files are inaccessible, and then the untrusted application would subsequently be launched. Is this not correct?
No. If it can write to /dev/kmem (especially), then all it needs to do is call the mknod(2) system call, create the right device for /dev/kmem, open it, search for the right place in memory to change and voila! No more chroot'd environment. Most of the buffer exploits for programs could be converted to do that or make it possible. chroot is best used, in the way you describe above, to limit the reach of non-root programs. I wouldn't regard denying write perms to /dev/kmem a panacea either. I think you need to go a lot further than that before the chroot environment is safe for root programs. As Steve said, chroot doesn't create a virtual environment which is what you (and a lot of people) confuse it for doing. Darren
Current thread:
- Re: chroot useful?, (continued)
- Re: chroot useful? Darren Reed (Nov 09)
- Re: chroot useful? Claudio Telmon (Nov 09)
- Re: chroot useful? Joseph S. D. Yao (Nov 10)
- Re: chroot useful? Andreas Siegert (Nov 12)
- Re: chroot useful? chuck+fwwiz (Nov 10)
- Re: chroot useful? Paul McNabb (Nov 12)
- Re: chroot useful? Steven M. Bellovin (Nov 13)
- Re: chroot useful? C Matthew Curtin (Nov 21)
- Re: chroot useful? Steven M. Bellovin (Nov 13)
- Re: chroot useful? Paul McNabb (Nov 12)
- Re: chroot useful? Douglas R. Steinbaum (Nov 13)
- Re: chroot useful? Darren Reed (Nov 14)
- Re: chroot useful? Steven M. Bellovin (Nov 14)
- Re: chroot useful? Aleph One (Nov 14)
- Re: chroot useful? Steven M. Bellovin (Nov 15)
- Re: chroot useful? Bernhard Schneck (Nov 14)
- Re: chroot useful? Darren Reed (Nov 09)
- Re: chroot useful? Paul McNabb (Nov 14)
- Re: chroot useful? Paul McNabb (Nov 14)
- Re: chroot useful? Paul McNabb (Nov 14)
- Re: chroot useful? Anton J Aylward (Nov 15)
- Re: chroot useful? Steven M. Bellovin (Nov 16)
- Re: chroot useful? Anton J Aylward (Nov 15)