From: Jacques Gelinas (jack_at_solucorp.qc.ca)
Date: Wed 20 Feb 2002 - 19:35:38 GMT
On Fri, 15 Feb 2002 15:05:45 -0500, klavs klavsen wrote
> > And yeah, thats correct. You can use chroot within the virtual server, and
> > you can do it securely. There was a bug where you could use chroot
> > within vserver to escape out of the vserver and back into the root server.
> > That has been fixed for a while. ;)
> but chroot is still buggy (even if it's running under a vserver) so that
> one could break out of a chroot jail and get to other services on the
> same vserver?
chroot is generally used like that
if (fork()==0){
chroot ("/somedir");
setuid (some_user);
do the task
}
chroot is only usable by root. Just using chroot to isolate a root process is
indeed not powerful enough. Forget about the chroot. If the intruder is root, he
can do a lot to the machine (reboot it, halt it) without breaking the chroot.
bind in newer distribution runs as user named. So combining the special
user ID + chroot is very robust.
the issue of chroot and vserver was important because a vserver has to
allow root process inside the vserver and as such has to allow chroot system call
in many cases. But in general, to jail a process using chroot, you switch to
another user ID. then chroot is reliable and robust.
---------------------------------------------------------
Jacques Gelinas <jack_at_solucorp.qc.ca>
vserver: run general purpose virtual servers on one box, full speed!
http://www.solucorp.qc.ca/miscprj/s_context.hc