From owner-freebsd-hackers Tue May 27 09:20:53 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA20097 for hackers-outgoing; Tue, 27 May 1997 09:20:53 -0700 (PDT)
Received: from phaeton.artisoft.com (phaeton.Artisoft.COM [198.17.250.50]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id JAA20090 for ; Tue, 27 May 1997 09:20:49 -0700 (PDT)
Received: (from terry@localhost) by phaeton.artisoft.com (8.6.11/8.6.9) id JAA15356; Tue, 27 May 1997 09:16:06 -0700
From: Terry Lambert
Message-Id: <199705271616.JAA15356@phaeton.artisoft.com>
Subject: Re: Correct way to chroot for shell account users?
To: peter@grendel.IAEhv.nl (Peter Korsten)
Date: Tue, 27 May 1997 09:16:05 -0700 (MST)
Cc: mrcpu@cdsnet.net, hackers@FreeBSD.ORG
In-Reply-To: <19970526233013.13944@hw.nl> from "Peter Korsten" at May 26, 97 11:30:13 pm
X-Mailer: ELM [version 2.4 PL24]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> > Anybody got any tips on how to write a secure shell to exec on login to
> > set a user's environment to the "right thing".
> >
> > (I don't mean a rsh type secure shell, but rather a good secure thing
> > to have in /etc/master.passwd that execs the real shell in a chroot'd
> > environment.).
>
> I don't think you can build a real shell (like sh or csh) and have
> it run safely inside a chroot environment. Someone (as a matter of
> fact, the FreeBSD security officer :) ) showed me how to break out
> of a chroot environment with a simple 'ln' or something like that.

Actually, this problem has to do with namei() and the use of NULL
to indicate a non-chroot struct file * for the current directory
for the process.

I've complained about this before.

Terry Lambert
terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.