From owner-freebsd-hackers Mon Nov 16 20:31:19 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA11031 for freebsd-hackers-outgoing; Mon, 16 Nov 1998 20:31:19 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from detlev.UUCP (tex-30.camalott.com [208.229.74.30]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA11024 for ; Mon, 16 Nov 1998 20:31:16 -0800 (PST) (envelope-from joelh@gnu.org)
Received: (from joelh@localhost) by detlev.UUCP (8.9.1/8.9.1) id WAA01320; Mon, 16 Nov 1998 22:30:20 -0600 (CST) (envelope-from joelh)
To: Mike Smith
Cc: Harold Gutch, zhihuizhang, hackers
Subject: Re: Question on chroot()
References: <199811152056.MAA14163@dingo.cdrom.com>
From: Joel Ray Holveck
Date: 16 Nov 1998 22:30:19 -0600
In-Reply-To: Mike Smith's message of "Sun, 15 Nov 1998 12:56:03 -0800"
Message-ID: <86sofjym90.fsf@detlev.UUCP>
Lines: 25
X-Mailer: Gnus v5.5/Emacs 20.3
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>> Breaking out of a chroot'ed environment is less easy if you're not
>>> root
>> Is this meant to be read as "more or less impossible", that is,
>> impossible unless the user can become root first (due to insecure
>> suid-root binaries in the chroot-environment etc.), or can users
>> really break out in more or less every situation (of course
>> assuming stuff like that they don't have any open filehandles
>> pointing to the outside in the beginning).
> It's quite difficult to break out of a chroot'ed environment, yes, and
> it's intended to be impossible, so obviously you can only get out
> through flaws in the implementation...

You can read the archives for info on this, either in -current or
-hackers, I don't recall which. Terry frequently mentions that it is
trivial to break out of a chroot environment, and that he had posted
specifics at some point.

Happy hacking,
joelh

--
Joel Ray Holveck - joelh@gnu.org
   Fourth law of programming:
   Anything that can go wrong wi
sendmail: segmentation violation - core dumped