From owner-freebsd-security  Sun Sep 26 16: 3:24 1999
Delivered-To: freebsd-security@freebsd.org
Received: from bekool.com (ns2.netquick.net [216.48.34.2])
	by hub.freebsd.org (Postfix) with ESMTP
	id 733EA153F2; Sun, 26 Sep 1999 16:03:18 -0700 (PDT)
	(envelope-from trouble@hackfurby.com)
Received: from angelsguardian.netquick.net ([199.72.47.239] helo=hackfurby.com)
	by bekool.com with esmtp (Exim 3.03 #1)
	id 11VNco-0008ab-00; Sun, 26 Sep 1999 23:22:34 +0000
Message-ID: <37F00675.67D198FD@hackfurby.com>
Date: Mon, 27 Sep 1999 19:06:13 -0500
From: TrouBle <trouble@hackfurby.com>
Reply-To: trouble@hackfurby.com
X-Mailer: Mozilla 4.61 [en] (X11; I; FreeBSD 3.3-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Carol Deihl <carol@tinker.com>
Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG
Subject: Re: chroot could chdir? (was Re: about jail)
References: <199909251302.RAA58030@grendel.sovlink.ru> <19990925171712.A80535@zenon.net> <37EEA27E.244DCF9A@tinker.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Umm I think you have gotten this backwards, it is more secure to chdir first
then chroot.... I think you have this backwards..... in my virtual environment
i chdir working dir, then chroot.......  ive not been able to escape my
chrooted jail setup yet..... nor have i seen any code that will


>
>
> As we all know, the chroot can be escaped because the sample
> program doesn't change the current working directory, and it's
> still pointing outside the chrooted area.
>
> What if chroot itself chdir'ed to it's new root directory? Would
> this break existing programs? I'd expect that well-behaved
> programs would chdir someplace useful before continuing anyway.
>
> At the very end of chroot(), could it just
>         vrele(fdp->fd_cdir);
>         fdp->fd_cdir = nd.ni_vp;
> before it returns, setting the current dir to the same place it
> just chrooted to?
>
> Carol
> --
> Carol Deihl - principal, Shrier and Deihl - mailto:carol@tinker.com
> Remote Unix Network Admin, Security, Internet Software Development
>   Tinker Internet Services - Superior FreeBSD-based Web Hosting
>                      http://www.tinker.com/
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message