Date: Mon, 02 Jun 1997 10:53:27 -0700 From: Julian Elischer <julian@whistle.com> To: Mikael Karpberg <karpen@ocean.campus.luth.se> Cc: "Daniel O'Callaghan" <danny@panda.hilink.com.au>, hackers@FreeBSD.ORG Subject: Re: Correct way to chroot for shell account users? Message-ID: <33930897.2781E494@whistle.com> References: <199706021627.SAA24678@ocean.campus.luth.se>
next in thread | previous in thread | raw e-mail | index | archive | help
Mikael Karpberg wrote: > > According to Daniel O'Callaghan: > > > > > > On Fri, 30 May 1997, Bob Bishop wrote: > > > > > At 0:03 +0100 30/5/97, Daniel O'Callaghan wrote: > > > >On Thu, 29 May 1997, Bob Bishop wrote: > > > > > > > >> I'm sure I'm being desperately naive here, but isn't it sufficient for > > > >> safety to make chroot(2) a successful no-op unless / is really / (ie the > > > >> process isn't chrooted already)? > > > > > > > >That means that you can't run anon ftp properly in a chrooted file system, > > > >because ftpd is not allowed to chroot again. > > > > > > Why would you want to do that? > > > > Well, I have virtual machines for my virtual WWW service - http, ftpd and > > telnetd all run chroot()ed. The customer can access everywhere in their > > virtual machine, and they have an anon ftp area which they can > > administer, but which gets chrooted again if someone logs in as anonymous. > > Shouldn't be to hard to only allow a chroot down into the tree and > never up, right? So you can go further down, but never up again. > Is there a problem with that (which should be rather simple) fix? > That would keep even root in jail, no? If not, how could he get out? > > /Mikael define down/up... whether or not you do a chroot after you have escaped is irrelevant. you can still access files..
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?33930897.2781E494>