Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] chroot
  • From: Sebastian Krahmer <krahmer@xxxxxxx>
  • Date: Thu, 7 Dec 2000 13:22:58 +0100 (CET)
  • Message-id: <Pine.LNX.4.21.0012071321140.23918-100000@xxxxxxxxxxxxxx>
On Wed, 6 Dec 2000, Ralf Koch wrote:

> Hi.
>
> First of all: Thank you for your answers to my question relating the
> security of a chrooted environment.
>
> I just called the provider of the system working with the descripted
> chroot jail. He told me that inside the jail theres only one program
> with suid root bit set, namely crontab. No UID/GID is changed during
> "chrooting" and all programs inside the jail are unchanged copies. So
> every process executed from inside the jail runs chrooted too with
> its normal rights.
>
> Based on these statements, he estimates his system secure. My
> knowledge of hacking is quite small so i can't decide if he's wrong.
> There is another solution of locking a user in a private environment
> by starting some tasks delusioning a complete hardware environment
> with own IP and running a second complete Linux inside this
> environment (seem to be very complex, but works pretty nice). IMHO
> the safer solution. If a hacker tries to break up these tasks he cuts
> his own (virtual) kernel and (for my personal view) will be cut off
> from the connection immediately.
>
> Am I wrong?
crontab might be a problem.
I consider crond runs out of jail. If the user can place entries to
the crontab file (depends on which crontabfile cronds uses)
(s)he can break out.

Sebastian


< Previous Next >
References