Firewall Wizards mailing list archives
Re: chroot useful?
From: Darren Reed <darrenr () cyber com au>
Date: Mon, 17 Nov 1997 11:38:01 +1100 (EST)
In some mail I received from Anton J Aylward, sie wrote
At 07:12 PM 16/11/97 +1100, Darren Reed wrote:
## Reply Start ##
[...mjr's email deleted...]
So, how many firewalls out there implemented with any of the common operating systems (be they free or commercial) actually do this ?
Why not ask them. Many claim to run "hardened" versions of BSD or LINUX. Vulnerabilities and exploits are well publicized, and many of the developers read these lists. I doubt many are going to be so arrogant as to take a NIH approach to something Marcus has contributed to the state of the technology ;-)
Well, the majority of the firewall market doesn't run on a "hardened" version of the OS because that's not what FW-1 uses. What % of the market do those selling hardened OS's make up ? And for those using freely available bits and pieces... How many people can hack their BSD/Linux systems appropriately ? It's not anywhere near as easy as setting up ipfwadm rules(?).
Chroot() is just one way of implementing a technique of virtualizing a file system - putting the process in a box, if you will.
Putting the process in a box requires more than just changing its concept of the root file system.
Other modified kernels have made the sockets only accessible thru the file system (/dev/tcp/smtp ==> handler to look up the next segment in the path such as /dev/tcp/smtp/nfr.com for example; this one has been documented)
Which helps address some of the issues which go towards building a box around a process. [...]
What Marcus did was redefine the specification of the kernel to say that if a process is chroot()ed then it has reduced privilege. He showed how that could be SIMPLY implemented using existing systems, without having to invest in building a new system and preserving the investment in already existing experience and technology.
It's what I would consider a "hack" and what you're describing is where "hacks" fit in. They usually don't, however, form a good basis for a product or design. (NOTE, if you've designed something to be a hack, I'd say it's a kludge :)
Yes, I am working on something to address this and other related issues without being too complacent it or naive about what the result will be.
This is a clean sheet design, right, which doesn't use ANY BSD or LINUX code? Or any other stuff in the public domain?
Sigh...the best I can do is interface with existing code. It's an unfortunate position to be in but I don't want to reinvent Unix. Sure, if someone paid me to do it, that'd be great, but they'd probably want some sort of ownership of the work then too.
Darren
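The point made above, that boxing a process takes more than changing its root file system, as an added example (not code from this thread or from any participant): a C routine that pairs chroot() with a working-directory change and a permanent, verified privilege drop. The name `enter_jail` and the uid/gid arguments are assumptions for illustration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Confine the calling process to `dir` and give up root for good.
 * Returns 0 on success, or a negative errno value from the step that failed.
 * `uid`/`gid` are the unprivileged identity to run as (hypothetical values). */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -EINVAL;              /* staying root defeats the jail */
    if (chdir(dir) != 0)             /* move inside first ... */
        return -errno;
    if (chroot(".") != 0)            /* ... then make it the root */
        return -errno;
    if (chdir("/") != 0)             /* no working directory left outside */
        return -errno;
    /* Order matters: groups, then gid, then uid. After setuid() the
     * process no longer has the privilege to change the other two. */
    if (setgroups(1, &gid) != 0)
        return -errno;
    if (setgid(gid) != 0)
        return -errno;
    if (setuid(uid) != 0)
        return -errno;
    /* Verify the drop is permanent: regaining uid 0 must fail. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid)
        return -EPERM;
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 4) {
        fprintf(stderr, "usage: %s <dir> <uid> <gid>\n", argv[0]);
        return 2;
    }
    int rc = enter_jail(argv[1], (uid_t)atoi(argv[2]), (gid_t)atoi(argv[3]));
    if (rc != 0) {
        fprintf(stderr, "enter_jail failed: errno %d\n", -rc);
        return 1;
    }
    puts("confined and unprivileged");
    return 0;
}
```

Even with all of these steps the process keeps whatever file descriptors it already had open and can still reach sockets and other kernel interfaces that are not named in the file system, which is the gap the thread is arguing about.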