
List:       linux-kernel
Subject:    Re: access to proc filesystem from chrooted process
From:       Riley Williams <rhw () MemAlpha ! CX>
Date:       1999-05-31 23:15:55

Hi Jeremy.

 >>>> Simply provide some proc-daemons, and talk to them for ps
 >>>> service.

 >>> Doable but still it's interesting question: is it possible
 >>> for non-root to get out of chroot trap via proc ?

 >> So far, nobody has suggested any method that actually works...

 > Well, I'd love to know about any holes people find, because I
 > went to some effort to specifically ensure non-root processes
 > can't use /proc to escape chroot.

That's very good to hear. I can state that I've been unable to find
any way out of a chroot trap on 2.2.5 and 2.2.9 (the two kernels I've
used), although as previously stated, 2.0.36 is rather less secure.

Best wishes from Riley.

+----------------------------------------------------------------------+
| There is something frustrating about the quality and speed of Linux  |
| development, ie., the quality is too high and the speed is too high, |
| in other words, I can implement this XXXX feature, but I bet someone |
| else has already done so and is just about to release their patch.   |
+----------------------------------------------------------------------+
 * ftp://ftp.MemAlpha.cx/pub/rhw/Linux
 * http://www.MemAlpha.cx/kernel.versions.html

