Date: Mon, 14 Apr 2003 01:13:56 +0200
From: Pawel Jakub Dawidek <nick@garage.freebsd.pl>
To: Ruslan Ermilov <ru@freebsd.org>
Cc: Mark Shepard <mns@BEST.COM>
Subject: Re: chroot() as non-root user?
Message-ID: <20030413231356.GC52293@garage.freebsd.pl>
In-Reply-To: <20030413154146.GB92320@sunbay.com>
References: <5.2.0.9.2.20030413101417.022481b0@127.0.0.1> <20030413154146.GB92320@sunbay.com>

On Sun, Apr 13, 2003 at 06:41:46PM +0300, Ruslan Ermilov wrote:
+> chroot(2) has no effect on the process's current directory; you
+> could hide (hard-link) the setuid program (su(1)) there, so
+> removing this protection on the syscall level can easily result
+> in a compromise.
+>
+> chroot(8) changes the current working directory, but it's not
+> setuid root.

And if kern.chroot_allow_open_directories is set to 0?

--
Pawel Jakub Dawidek pawel@dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
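
What the quoted point about chroot(2) and the working directory means for a privileged program that confines itself, shown as an added example that is not part of the original message. `enter_jail` and `open_dir_fds` are hypothetical names, and the descriptor scan is a userland stand-in for the open-directory check that chroot(2) applies when kern.chroot_allow_open_directories is 0.

```c
/* Added example: enter a chroot so that neither the working directory
 * nor an open directory descriptor still refers to a point outside it. */
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Count descriptors that refer to directories. The scan is capped
 * (constructed limit) so a very large RLIMIT_NOFILE does not stall it. */
int open_dir_fds(void)
{
    long max = sysconf(_SC_OPEN_MAX);
    struct stat st;
    int n = 0;

    if (max < 0 || max > 65536)
        max = 65536;
    for (int fd = 0; fd < (int)max; fd++)
        if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode))
            n++;
    return n;
}

/* Hypothetical helper. Returns 0 on success, -1 on any failure. */
int enter_jail(const char *root, uid_t uid, gid_t gid)
{
    if (open_dir_fds() != 0)   /* stray directory handle: refuse */
        return -1;
    if (chdir(root) != 0)      /* move the cwd inside first ... */
        return -1;
    if (chroot(".") != 0)      /* ... then make that directory the root */
        return -1;
    if (chdir("/") != 0)       /* cwd is now the new root */
        return -1;
    /* Drop the group before the user: setgid() still needs root. */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    return 0;
}
```
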
