Re: access to proc filesystem from chrooted process

Alan Cox (alan@lxorguk.ukuu.org.uk)
Fri, 28 May 1999 23:06:53 +0100 (BST)


> The claim made was that a hacker who hacks into a chroot trap can
> mount proc and use it to get out of the chroot trap, and I can't see
> how such can be done, hence the question...

/proc/[pid]/fd/.. is handles to files outside the chroot area.

That has limited uses as you are normally non root (if you are root the
chroot problem is uninteresting).

Simply provide some proc-daemons, and talk to them for ps service.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/