Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine

Re: Re: Re: Re: Re: exiting a chroot environment

by MarkM (Curate)
on Jul 09, 2003 at 01:47 UTC ( #272534=note: print w/ replies, xml ) Need Help??

in reply to Re: Re: Re: Re: exiting a chroot environment
in thread exiting a chroot environment

What you are talking about is practical experience, and observation. The exact details regarding chroot() do indeed vary by implementation, and therefore, cannot be safely assumed.

As opposed to me demanding you accept my mortal words, I will refer you to a URL that seems to be quite valuable with regard to this topic. Yes, the easiest exploits involve the user running as root. This should not be taken for granted. Additional precautions are necessary.

Comment on Re: Re: Re: Re: Re: exiting a chroot environment
Re: Re: Re: Re: Re: Re: exiting a chroot environment
by sgifford (Prior) on Jul 09, 2003 at 05:09 UTC

    I agree that the details of what happens when you have UID 0 inside a chroot environment vary from system to system. Essentially, problem is that you have an unstoppable force (root) up against an immovable object (chroot), and the results of these situations are always tricky...

    For all other UIDs, though, behavior is consistent between systems. The URL you mention agrees with this, and my experience agrees with this. As long as you code carefully, know its limits, and are not UID 0, chroot does what it says it will, and is no more of a "clever hack" than any other system call.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://272534]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (7)
As of 2014-11-29 03:05 GMT
Find Nodes?
    Voting Booth?

    My preferred Perl binaries come from:

    Results (203 votes), past polls