From owner-freebsd-security  Sun Oct 10  1:18:43 1999
Delivered-To: freebsd-security@freebsd.org
Received: from cheops.anu.edu.au (cheops.anu.edu.au [150.203.76.24])
	by hub.freebsd.org (Postfix) with ESMTP id 9393915485
	for <freebsd-security@FreeBSD.ORG>; Sun, 10 Oct 1999 01:18:23 -0700 (PDT)
	(envelope-from avalon@cheops.anu.edu.au)
Received: (from avalon@localhost)
	by cheops.anu.edu.au (8.9.1/8.9.1) id SAA17649;
	Sun, 10 Oct 1999 18:19:59 +1000 (EST)
From: Darren Reed <avalon@coombs.anu.edu.au>
Message-Id: <199910100819.SAA17649@cheops.anu.edu.au>
Subject: Re: chroot jail in pre 4.0
To: jread@semiotek.com (Justin Wells)
Date: Sun, 10 Oct 1999 18:19:59 +1000 (EST)
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <19991008170540.A1618@fever.semiotek.com> from "Justin Wells" at Oct 8, 99 05:05:40 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


First, if you have "nodev" as a mount option, you may find things such as
/dev/null are a problem.  Given your concerns about security problems with
this C program, and the resluctance of people to do anything about it,
perhaps what you need is for it to be stored in the chroot'd area, as a
writeable image so people can corrupt that :)

Another option is to have two partitions in your chroot'd area: one is
mounted read-only and another is mounted read-write.

The mount option of "nochroot" should be enforced by simply running as
non-root.

Darren


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message