Firewall Wizards mailing list archives
Re: chroot useful?
From: "Joseph S. D. Yao" <jsdy () cospo osis gov>
Date: Mon, 10 Nov 1997 12:03:42 -0500 (EST)
I always had some doubts about the real protection that a chrooted environment can give. As you know, there is a lot of things that can be done in this environment, supposing you can bring some binaries in it:
...
tried on a linux box to mount the /proc filesystem in a chrooted environment, and it worked. I had immediate access to all the process descriptors, filtering rules and all a hacker may dream to reach in a system.
...
1) Did I miss something so that my test is meaningless? 2) I used the chroot command, not the system call; could the problem be a consequence of a buggy implementation of the command? Maybe I should try using the system call in a C program... 3) Is the problem common on other systems with the proc file system? 4) I didn't try mknod, but it should work the same way, right?
Why does your 'chroot'ed environment have 'mount' and 'mknod' in the first place? Minimalize! Give them the very least they need to do what they need to do. And DON'T let them bring in their own fun little binaries.
And finally: if the above is correct, what's the usefulness of chroot, besides giving some more trouble to the hacker?
Locks are rated as to their utility under different circumstances: so many weeks against blind fumbling, so many days against a skilled attack, so many hours against power tools, so many seconds against explosives. ;-) They are never guarantees that nobody will get through them; only an additional layer of deterrent, so that perhaps somebody will decide that it's not worth while to go through THIS door ... perhaps a window will be open somewhere? Similarly, chrooting is a deterrent, not a guarantee (and, especially, not as much of a guarantee as it used to be). Yes, it would be nice if it compartmented more than it did. In fact, that's an interesting idea: as chroot partitions the file system, perhaps there might be other services to partition off other kernel services? For the future. -- Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao COSPO Computer Support EMT-A/B ----------------------------------------------------------------------- This message is not an official statement of COSPO policies.
Current thread:
- chroot useful? Claudio Telmon (Nov 08)
- Re: chroot useful? Darren Reed (Nov 09)
- Re: chroot useful? Claudio Telmon (Nov 09)
- Re: chroot useful? Joseph S. D. Yao (Nov 10)
- Re: chroot useful? Andreas Siegert (Nov 12)
- Re: chroot useful? chuck+fwwiz (Nov 10)
- <Possible follow-ups>
- Re: chroot useful? Paul McNabb (Nov 12)
- Re: chroot useful? Steven M. Bellovin (Nov 13)
- Re: chroot useful? C Matthew Curtin (Nov 21)
- Re: chroot useful? Steven M. Bellovin (Nov 13)
- Re: chroot useful? Paul McNabb (Nov 12)
- Re: chroot useful? Douglas R. Steinbaum (Nov 13)
- Re: chroot useful? Darren Reed (Nov 14)
- Re: chroot useful? Steven M. Bellovin (Nov 14)
- Re: chroot useful? Aleph One (Nov 14)
(Thread continues...)
- Re: chroot useful? Darren Reed (Nov 09)