
Re: Re: Re: Re: exiting a chroot environment

by sgifford (Prior)
on Jul 08, 2003 at 03:03 UTC


in reply to Re: Re: Re: exiting a chroot environment
in thread exiting a chroot environment

AFAIK, the guarantee provided by all Unix systems is that non-root users can't escape from chroot. I can't find a good reference, but that's always been my understanding of this system call. root's limitations in chroot vary by operating system.

It's safe to trust chroot as long as you drop root before executing untrusted code.

Re: Re: Re: Re: Re: exiting a chroot environment
by MarkM (Curate) on Jul 09, 2003 at 01:47 UTC

    What you are talking about is practical experience, and observation. The exact details regarding chroot() do indeed vary by implementation, and therefore, cannot be safely assumed.

    As opposed to me demanding you accept my mortal words, I will refer you to a URL that seems to be quite valuable with regard to this topic. Yes, the easiest exploits involve the user running as root. This should not be taken for granted. Additional precautions are necessary.

    http://www.unixwiz.net/techtips/chroot-practices.html

      I agree that the details of what happens when you have UID 0 inside a chroot environment vary from system to system. Essentially, the problem is that you have an unstoppable force (root) up against an immovable object (chroot), and the results of these situations are always tricky...

      For all other UIDs, though, behavior is consistent between systems. The URL you mention agrees with this, and my experience agrees with this. As long as you code carefully, know its limits, and are not UID 0, chroot does what it says it will, and is no more of a "clever hack" than any other system call.
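
The sequence the thread recommends (enter the chroot, then drop root before executing untrusted code), as an added Perl example that is not from any of the posts above. The helper name `jail_and_drop` and the command-line layout are assumptions made for illustration; the script must be started as root.

```perl
#!/usr/bin/perl
# Added example: enter a chroot jail, then give up root for good before exec.
use strict;
use warnings;
use POSIX ();

# jail_and_drop() is a hypothetical helper name; call it while still root.
sub jail_and_drop {
    my ($jail, $user) = @_;

    # Look the account up first: /etc/passwd is not visible after chroot.
    my (undef, undef, $uid, $gid) = getpwnam($user)
        or die "unknown user '$user'\n";
    die "target user must not be UID 0\n" if $uid == 0;

    # chdir into the jail before chroot so the working directory cannot
    # be left pointing at a directory outside the new root.
    chdir $jail or die "chdir $jail: $!\n";
    chroot '.'  or die "chroot $jail: $!\n";
    chdir '/'   or die "chdir /: $!\n";

    # Groups first, while we are still root: supplementary list, then GID.
    $! = 0;
    $) = "$gid $gid";                 # effective GID + setgroups($gid)
    die "setgroups: $!\n" if $!;
    defined POSIX::setgid($gid) or die "setgid: $!\n";

    # UID last. As root, setuid() replaces the real, effective and saved IDs.
    defined POSIX::setuid($uid) or die "setuid: $!\n";

    # Verify the drop is complete and irreversible before running anything.
    die "root can be regained, aborting\n" if defined POSIX::setuid(0);
    die "UID not dropped\n" unless $< == $uid && $> == $uid;
    die "GID not dropped\n" if grep { $_ != $gid } split ' ', "$( $)";
    return 1;
}

# Usage (as root): jail.pl /path/to/jail username /bin/program [args...]
# The program path is resolved inside the jail, after the chroot.
if (@ARGV >= 3) {
    my ($jail, $user, @cmd) = @ARGV;
    jail_and_drop($jail, $user);
    exec { $cmd[0] } @cmd or die "exec $cmd[0]: $!\n";
}
```

The order matters: the group IDs can only be changed while the process is still UID 0, so they are dropped before the user ID, and the final checks fail closed if any ID is still privileged.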
