Re: 2.6.18 - check for chroot, broken root and cwd values in procfs

From: Bastian Blank
Date: Fri Oct 13 2006 - 19:06:36 EST

Next message: Jan Dittmer: "Re: [PATCH 01/02 V3] net/ipv6: seperate sit driver to extra module"
Previous message: Benjamin Herrenschmidt: "Re: [linux-pm] Bug in PCI core"
In reply to: Andreas Schwab: "Re: 2.6.18 - check for chroot, broken root and cwd values in procfs"
Next in thread: Eric W. Biederman: "Re: 2.6.18 - check for chroot, broken root and cwd values in procfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Oct 12, 2006 at 04:02:24PM +0200, Bastian Blank wrote:
> The commit 778c1144771f0064b6f51bee865cceb0d996f2f9 replaced the old
> root-based security checks in procfs with processed based ones.

The new behaviour even allows a user to escape from the chroot by using
chdir to /proc/$pid/cwd or /proc/$pid/root of a process he owns and
lives outside of the chroot.

Bastian

--
Punishment becomes ineffective after a certain point. Men become insensitive.
-- Eneg, "Patterns of Force", stardate 2534.7

Attachment: signature.asc
Description: Digital signature

Next message: Jan Dittmer: "Re: [PATCH 01/02 V3] net/ipv6: seperate sit driver to extra module"
Previous message: Benjamin Herrenschmidt: "Re: [linux-pm] Bug in PCI core"
In reply to: Andreas Schwab: "Re: 2.6.18 - check for chroot, broken root and cwd values in procfs"
Next in thread: Eric W. Biederman: "Re: 2.6.18 - check for chroot, broken root and cwd values in procfs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]