From: Martin Josefsson (gandalf_at_wlug.westbo.se)
Date: Sun Feb 10 2002 - 12:35:26 EST
On 10 Feb 2002, klavs klavsen wrote:
> Hi guys,
>
> I have a security question, in regards to vserver.
>
> I read this article about chrooting your services
> http://www.gnujobs.com/Articles/23/chroot.html
> and if you did so, as I understand it - it would be kind of achieving
> the same as vserver - from a hackers standpoint - without all the smart
> benefits.(no disrespect meant).
>
> In the comments I saw this article about breaking a chroot.
> http://www.bpfh.net/simes/computing/chroot-break.html
>
> My question is, if anyone know or have tried wether or not the chroot
> functionality of vserver can be broken like this? or does the kernel
> changes help ensure, this never happens?
>
> This just to know how well I should sleep at night, with vserver
> installed :-)
The new stuff in the ctx-7 patch fixes all chroot breakouts that I know
of. the way described in
http://www.bpfh.net/simes/computing/chroot-break.html is plugged.
What I'm talking about is breaking out of a vserver, that should be fixed
in ctx-7. But if you have a new chroot in a vserver that chroot could be
broken out of but the attacker would still not be able to get out of the
vserver.
chroot() is unsafe by nature. but if you can limit the directoryaccess as
done in vfs_permission in the ctx-6 and 7 patches then you can limit them
from getting out, but this can currently only be done in one stage. So a
second chroot in a vserver is quite insecure.
/Martin
Never argue with an idiot. They drag you down to their level, then beat you with experience.
This archive was generated by hypermail 2.1.4 : Mon Aug 19 2002 - 12:01:00 EDT