Re: chroot useful?

[mcnabb () argus-systems com (Paul McNabb)]

>  From: Darren Reed <darrenr () cyber com au>
>  
>  > 4) I didn't try mknod, but it should work the same way, right?
>  
>  Yes.  On a typical system, getting root in a chroot'd environment can mean
>  "game over".  When you start doing things like making kmem read-only,
>  disallowing various system calls (mknod, for example), preventing raw
>  devices from being opened, then chroot'd environments become safer places
>  to let root programs run wild.

The same holds true on Solaris, of course.  That's why on the Solaris
firewalls and network servers we work with at customer sites, we make it
so that people connecting using any network daemon for any protocol cannot
use the chmod or uadmin system calls, even if they are root.  We make all
memory devices and all disk devices entirely off-limits, even to processes
running as root.  And finally, we turn off read, write, and execute for
almost all files, directories, programs, and devices on the system, again
even for root.

When this is in place, you don't really chroot for protection any more.
You use chroot only when you need to provide an alternate environment for
a process or session.

paul

---------------------------------------------------------
Paul McNabb                     Argus Systems Group, Inc.
Vice President and CTO          1809 Woodfield Drive
mcnabb () argus-systems com        Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433                "Securing the Future"
---------------------------------------------------------