[550] in linux-security and linux-alert archive
Re: about chroot.
daemon@ATHENA.MIT.EDU (Alexander O. Yuriev)
Fri Jan 5 17:24:47 1996
Date: Thu, 4 Jan 1996 10:45:56 -0500 (EST)
From: "Alexander O. Yuriev" <alex@bach.cis.temple.edu>
To: Grant Taylor <gtaylor@picante.com>
cc: luka@mhv.net, BIG-LINUX@NETSPACE.ORG,
Linux Security Mailing List <linux-security@tarsier.cv.nrao.edu>
In-Reply-To: <199601041430.JAA20444@pace.picante.com>
[mod: quoting trimmed. --okir]
On Thu, 4 Jan 1996, Grant Taylor wrote:
> Has rsh been mentioned yet? It's the usual solution to this problem.
> I know that pdksh has an rsh mode, and bash can supposedly be compiled
> in rsh mode.
The rule number one here has to be "never assume". If restricted shells
were more or less "stable" in what they can restrict, the jail-type
environments would have been described in every single book about Unix
system administration. Using a restricted shell assumes that one can
totally control the environment in which the program executes. That
is very hard to achieve if the user has the ability to modify the environment,
for example is able to create files. A set of processes that can be
generated by the locked user should be always known not to be able to
create a possibility for a new, unknown process to be generated. If one
gives a user in such an environment access to any kind of command that could
be used to "copy" a file (including but not limited to cp, cat and shell
redirection), there is a very strong possibility that the locked users
could be able to create a new executable file.
Finally, there are *toolkits* that are designed to allow one to escape
from such environments. If your locked user has access to such a
toolkit (and they are not so hard to find), your feeling of security ("He
is in a restricted shell, what can he do!?") would create a very
dangerous sense of security.
Best wishes,
Alex
============================================================================
Alexander O. Yuriev Email: alex@bach.cis.temple.edu
CIS Labs, TEMPLE UNIVERSITY WWW: http://bach.cis.temple.edu/personal/alex
Philadelphia, PA, USA
KeyID: 1024/D62D4489 Key Fingerprint: AE84534377CCC4E2 37B13C4D8CD3D501
Unless otherwise stated, everything above is my personal opinion and not an
opinion of any organisation affiliated with me.
=============================================================================
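
[Added example, not part of the original message or of any project it mentions.] The message above argues that a restricted shell is only as tight as the environment around it: whether the locked user can create files, and which file-copying commands are reachable. The sketch below audits the PATH given to such an account for those two conditions. The function name audit_rpath, its arguments and the COPY_TOOLS variable are assumptions made for this example; it checks directory ownership and world-write only, not group membership.

```shell
#!/bin/sh
# Added example: audit the PATH handed to a restricted-shell account.
# audit_rpath, its arguments and COPY_TOOLS are names invented here.

# Commands the message names as able to "copy" a file; extend per site.
COPY_TOOLS=${COPY_TOOLS:-"cp cat"}

# audit_rpath UID PATHSTRING
# Prints one finding per line; exit status 0 = no findings, 1 = findings.
# The body runs in a subshell so IFS and 'set -f' do not leak to the caller.
audit_rpath() (
    uid=$1
    tools=$COPY_TOOLS
    rc=0
    set -f                      # no globbing while PATH is being split
    IFS=:
    for dir in $2; do
        if [ -z "$dir" ] || [ "$dir" = "." ]; then
            echo "CWD-IN-PATH: empty or '.' entry resolves to the current directory"
            rc=1
            continue
        fi
        [ -d "$dir" ] || continue
        # The account can create new executables here if it owns the
        # directory or the directory is world-writable.
        if [ -n "$(find "$dir" -prune \( -user "$uid" -o -perm -0002 \) 2>/dev/null)" ]; then
            echo "WRITABLE-DIR: $dir"
            rc=1
        fi
        IFS=' '
        for t in $tools; do
            if [ -x "$dir/$t" ]; then
                echo "COPY-TOOL: $dir/$t"
                rc=1
            fi
        done
        IFS=:
    done
    exit "$rc"
)
```

Call it with the numeric UID of the locked account and the PATH its login profile sets; any output means the "totally controlled environment" assumption does not hold for that account.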