Date: Sat, 21 Nov 1998 21:40:32 -0800 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: Julian Elischer <julian@whistle.com>, Eivind Eklund <eivind@yes.no> Cc: Mike Smith <mike@smith.net.au>, Harold Gutch <logix@foobar.franken.de>, zhihuizhang <bf20761@binghamton.edu>, hackers <freebsd-hackers@FreeBSD.ORG> Subject: Re: Question on chroot() Message-ID: <199811220540.VAA00380@salsa.gv.tsc.tdk.com> In-Reply-To: Julian Elischer <julian@whistle.com> "Re: Question on chroot()" (Nov 17, 12:09pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 17, 12:09pm, Julian Elischer wrote: } Subject: Re: Question on chroot() } > I'm not sure if you need the fchdir(); chroot() is not supposed to } > affect your current directory. I don't think anybody has fixed the } > above problem; it seems quite difficult to fix (you have to know which } > FDs are inside and outside the jail, which is non-trivial). } } You can test all fds that are directories to see if they are outside the } chroot, and fail the chroot if there are any such. } However it doesn't help because you can fork, open a unix domain socket, } and have the child do the chroot and then have the parent send it } an fd that would have made the chroot fail. Another way to break out is to fork(), then in one process chroot() to a subdirectory and chdir() to a subdirectory of the new chroot directory, and then in the other process rename the second subdirectory out from under the chroot directory. --- Truck To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811220540.VAA00380>