Date: Mon, 7 Jul 1997 16:39:01 -0400 (EDT)
From: Brian Mitchell <brian@firehouse.net>
To: Robert Watson <robert@cyrus.watson.org>
Cc: Sean Eric Fagan <sef@kithrup.com>, security@FreeBSD.ORG
Subject: Re: Security Model/Target for FreeBSD or 4.4?
Message-ID: <Pine.BSI.3.95.970707163619.16765A-100000@shell.firehouse.net>
In-Reply-To: <Pine.BSF.3.95q.970707153631.3248B-100000@cyrus.watson.org>

On Mon, 7 Jul 1997, Robert Watson wrote:

> On a related note, has anyone given any thought to making chroot() a
> user-accessible call? I haven't really looked at it, so am not sure why
> it can only be called by uid root programs. In terms of sandboxing (which
> seems to be popular these days for various applications), it would be nice
> to restrict programs to specific regions of the disk, etc. Especially if
> you are a non-root user developing programs that require special
> libraries, etc. Or if you want to run a restricted web or ftp server, but
> don't have root access (as hopefully would be the case with the lighter
> restrictions on binding ports <1024.)

picture this, /usr/home is the same fs as /usr/bin - you create a
reasonable tree with its own passwd file, you populate your usr/bin with
hardlinks, you chroot and run su

su will read your passwd file, giving you root. you create a setuid shell
or something similar and then log out of the shell and go back to the
nonchrooted environment and run the suid root shell.

Brian Mitchell brian@firehouse.net
"BSD code sucks. Of course, everything else sucks far more."
- Theo de Raadt
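
An added example, not part of the original message or of FreeBSD: an audit for the precondition the reply describes, a setuid-root binary that is also reachable by a hard link inside a tree outside the system directories. The TRUSTED_DIRS list and all function names are assumptions made for this sketch.

```python
import os
import stat
import sys
from collections import namedtuple

Entry = namedtuple("Entry", "path dev ino mode uid")

# Assumption: where root-owned setuid binaries are expected to live.
TRUSTED_DIRS = ("/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/libexec")


def is_setuid_root(e):
    """Regular file owned by root with the setuid bit set."""
    return stat.S_ISREG(e.mode) and e.uid == 0 and bool(e.mode & stat.S_ISUID)


def in_trusted_dir(path):
    return any(path.startswith(d + "/") for d in TRUSTED_DIRS)


def stray_setuid_links(entries):
    """Map each setuid-root path outside TRUSTED_DIRS to the trusted names
    of the same inode. A hard link shares the inode, so owner and mode
    (setuid included) follow it into whatever tree it is linked into."""
    entries = list(entries)
    trusted = {}
    for e in entries:
        if is_setuid_root(e) and in_trusted_dir(e.path):
            trusted.setdefault((e.dev, e.ino), []).append(e.path)
    return {e.path: sorted(trusted.get((e.dev, e.ino), []))
            for e in entries
            if is_setuid_root(e) and not in_trusted_dir(e.path)}


def scan(*roots):
    """Walk the given trees without following symlinks, yielding Entry records."""
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)
                except OSError:
                    continue  # vanished or unreadable
                yield Entry(path, st.st_dev, st.st_ino, st.st_mode, st.st_uid)


if __name__ == "__main__":
    for path, origin in stray_setuid_links(scan(*sys.argv[1:])).items():
        print(path, "->", origin or "no trusted name scanned")
```

Run it with both the system directories and the user-writable tree as arguments so the two names of one inode can be matched by device and inode number.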