On Mon, Jun 05, 2006 at 07:20:54PM +0200, Bernd Paysan wrote:
> On Friday 02 June 2006 23:39, Andi Kleen wrote:
> > A possible different way would be to create a new name space using clone(CLONE_NEWNS) and overwrite all binaries/directories you want to be different with mount --bind in the new name space.
> > There isn't a program included to do this but it should be relatively easy to write.
>
> Sounds like ~10 lines of code, i.e. clone with the CLONE_NEWNS flag, and if you get a pid, wait for exit of all children and exit(), otherwise mount() to "/lib" with the MS_BIND flag, set the user id, and exec() to the remainder of arg[] (or /bin/bash if empty).
In principle yes. Actually this solution does provide some additional risks you should consider:

A system that allows a normal user to execute applications with the SUID bit set together with user-selected library replacements can trivially be compromised by this user. Thus unless you don't care about security at all you have to make sure that either only libraries can be installed that are approved by the sysadmin or that the user no longer has the option to execute SUID or SGID binaries within the new namespace.

Robert

-- 
Robert Schiele
Tel.: +49-621-181-2214
Dipl.-Wirtsch.informatiker
mailto:rschiele@uni-mannheim.de

"Quidquid latine dictum sit, altum sonatur."
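
Added example, not part of any message in this thread: a C version of the wrapper Bernd describes, with both of the conditions Robert names applied (only a sysadmin-controlled library directory is accepted, and SUID/SGID binaries gain nothing inside the new namespace). It uses fork() plus unshare(CLONE_NEWNS) in place of clone(), and prctl(PR_SET_NO_NEW_PRIVS), which is newer than this 2006 thread. The function names, the setuid-root installation and the top-level-only ownership check are assumptions of the example.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <sys/mount.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Option 1: accept only a root-owned directory that group/others cannot
 * write. Returns an O_PATH fd (so the checked object is the mounted one) or -1. */
int open_admin_libdir(const char *path) {
    struct stat st;
    int fd = open(path, O_PATH | O_DIRECTORY | O_CLOEXEC);
    if (fd >= 0 && fstat(fd, &st) == 0 && st.st_uid == 0 &&
        !(st.st_mode & (S_IWGRP | S_IWOTH)))
        return fd;
    if (fd >= 0) close(fd);
    return -1;
}

/* Option 2: from here on, exec of SUID/SGID files grants no extra privilege. */
int disable_suid_gain(void) { return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); }

/* Child: private mount namespace, bind over /lib, drop to caller, exec. */
static void enter_and_exec(int libfd, char **cmd) {
    char src[32];
    snprintf(src, sizeof src, "/proc/self/fd/%d", libfd);
    if (unshare(CLONE_NEWNS) != 0 ||
        mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) != 0 || /* no propagation */
        mount(src, "/lib", NULL, MS_BIND, NULL) != 0 ||
        setgid(getgid()) != 0 || setuid(getuid()) != 0 || disable_suid_gain() != 0) {
        perror("namespace setup");
        _exit(126);
    }
    execvp(cmd[0], cmd);
    perror("exec");
    _exit(127);
}

int main(int argc, char **argv) { /* assumed installed setuid root: nswrap LIBDIR [cmd...] */
    static char *shell[] = { "/bin/bash", NULL };
    int status = 0, libfd = argc > 1 ? open_admin_libdir(argv[1]) : -1;
    if (libfd < 0) { fprintf(stderr, "need a root-owned, non-writable LIBDIR\n"); return 2; }
    pid_t pid = fork();
    if (pid == 0) enter_and_exec(libfd, argc > 2 ? argv + 2 : shell);
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return 1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : 1;
}
```

The ownership check covers only the directory itself; files and subdirectories beneath it must be root-controlled as well for the first condition to hold.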