Re: Re: Re: Re: Re: exiting a chroot environment

by MarkM (Curate)
on Jul 09, 2003 at 01:47 UTC ( [id://272534]=note )


in reply to Re: Re: Re: Re: exiting a chroot environment
in thread exiting a chroot environment

What you are talking about is practical experience, and observation. The exact details regarding chroot() do indeed vary by implementation, and therefore, cannot be safely assumed.

As opposed to me demanding you accept my mortal words, I will refer you to a URL that seems to be quite valuable with regard to this topic. Yes, the easiest exploits involve the user running as root. This should not be taken for granted. Additional precautions are necessary.

http://www.unixwiz.net/techtips/chroot-practices.html

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: Re: exiting a chroot environment
by sgifford (Prior) on Jul 09, 2003 at 05:09 UTC

    I agree that the details of what happens when you have UID 0 inside a chroot environment vary from system to system. Essentially, the problem is that you have an unstoppable force (root) up against an immovable object (chroot), and the results of these situations are always tricky...

    For all other UIDs, though, behavior is consistent between systems. The URL you mention agrees with this, and my experience agrees with this. As long as you code carefully, know its limits, and are not UID 0, chroot does what it says it will, and is no more of a "clever hack" than any other system call.
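Both posts turn on the process no longer being UID 0 once it is inside the chroot. The following Perl sketch is an added example, not code from either poster: it enters a jail, drops root in the order that makes the drop permanent, and then checks that root cannot be regained. The jail path `/var/empty/jail`, the account `nobody` and the function name `enter_jail` are assumptions chosen for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use POSIX qw(setuid setgid getuid geteuid getgid getegid);

# Hypothetical values for this example: jail directory and unprivileged account.
my ($jail, $account) = ('/var/empty/jail', 'nobody');

sub enter_jail {
    my ($dir, $name) = @_;
    die "must start as root to call chroot()\n" unless geteuid() == 0;

    # Look the account up before chroot(): /etc/passwd is out of reach afterwards.
    my (undef, undef, $uid, $gid) = getpwnam($name)
        or die "unknown user $name\n";
    die "refusing to stay UID 0 inside the jail\n" if $uid == 0;

    chdir $dir  or die "chdir $dir: $!\n";
    chroot $dir or die "chroot $dir: $!\n";
    chdir '/'   or die "chdir /: $!\n";    # leave no cwd outside the new root

    # Drop in this order: supplementary groups, GID, then UID. Once the UID
    # is gone the process is no longer allowed to change its groups.
    $) = "$gid $gid";                      # effective GID plus an emptied group list
    setgid($gid) or die "setgid($gid): $!\n";
    setuid($uid) or die "setuid($uid): $!\n";

    # Confirm real and effective IDs changed, and that the saved UID went too:
    # if setuid(0) still succeeds, the process could become root again.
    die "UID/GID drop incomplete\n"
        if getuid() != $uid || geteuid() != $uid
        || getgid() != $gid || getegid() != $gid;
    die "root is still reachable via setuid(0)\n" if defined setuid(0);

    return ($uid, $gid);
}

my ($uid, $gid) = enter_jail($jail, $account);
print "jailed in $jail as uid=$uid gid=$gid\n";
```

Anything that needs root (binding a low port, opening a log file outside the jail) has to happen before `enter_jail` is called, and file descriptors pointing at directories outside the jail should be closed first.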
