login
Login
/
Register
Search
Search this site:
Forums
News
Blogs
Features
Site
Home
»
Mailing list archives
»
linux-kernel
»
2007
»
September
»
25
Re: Chroot bug
view
thread
Previous message: [
thread
] [
date
] [
author
]
Next message: [
thread
] [
date
] [
author
]
[view in full thread]
From: Jan Engelhardt
Subject:
Re: Chroot bug
Date: Tuesday, September 25, 2007 - 9:52 am
On Sep 25 2007 18:19, Miloslav Semler wrote:
quoted text
>> > > So what? Just do this: chdir into the root after chroot. >> > > >> > I don't think so. His exploit just got me all the way out of a chroot >> > within a >> > chroot within a chroot, inclusive of lots of chdirs. >> > >> >> Close all fds that point to directories outside the root ;-) >> > This does not help. Let's try: > chroot somewhere > mkdir foo > fd = open / > chroot foo
('fd' implicitly closed and chdir to /foo)
quoted text
> fchdir fd
-EINVAL
quoted text
> chdir ".."
/../ => /
quoted text
> .... > chdir ".." > chroot "." > so you are in root.
so we remain in chroot. -
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to
majordomo@vger.kernel.org
More majordomo info at
http://vger.kernel.org/majordomo-info.html
Please read the FAQ at
http://www.tux.org/lkml/
Previous message: [
thread
] [
date
] [
author
]
Next message: [
thread
] [
date
] [
author
]
Messages in current thread:
Re: sys_chroot+sys_fchdir Fix
, Bodo Eggert
, (Thu Sep 20, 4:13 am)
Re: sys_chroot+sys_fchdir Fix
, Philipp Marek
, (Thu Sep 20, 4:59 am)
Re: sys_chroot+sys_fchdir Fix
, majkls
, (Thu Sep 20, 5:52 am)
Re: sys_chroot+sys_fchdir Fix
, David Newall
, (Thu Sep 20, 9:06 am)
Re: sys_chroot+sys_fchdir Fix
, Philipp Marek
, (Thu Sep 20, 9:17 am)
Re: sys_chroot+sys_fchdir Fix
, David Newall
, (Thu Sep 20, 11:02 am)
Re: sys_chroot+sys_fchdir Fix
, Bill Davidsen
, (Thu Sep 20, 1:53 pm)
Re: sys_chroot+sys_fchdir Fix
, David Newall
, (Fri Sep 21, 1:29 am)
Re: sys_chroot+sys_fchdir Fix
, Serge E. Hallyn
, (Mon Sep 24, 2:32 pm)
Re: sys_chroot+sys_fchdir Fix
, David Newall
, (Mon Sep 24, 3:04 pm)
Re: sys_chroot+sys_fchdir Fix
, Serge E. Hallyn
, (Mon Sep 24, 4:00 pm)
Re: sys_chroot+sys_fchdir Fix
, Serge E. Hallyn
, (Mon Sep 24, 4:02 pm)
Re: sys_chroot+sys_fchdir Fix
, David Newall
, (Tue Sep 25, 12:45 am)
Re: sys_chroot+sys_fchdir Fix
, Serge E. Hallyn
, (Tue Sep 25, 4:49 am)
Re: sys_chroot+sys_fchdir Fix
, David Newall
, (Tue Sep 25, 6:58 am)
Chroot bug (was: sys_chroot+sys_fchdir Fix)
, David Newall
, (Tue Sep 25, 8:10 am)
Re: Chroot bug (was: sys_chroot+sys_fchdir Fix)
, Jan Engelhardt
, (Tue Sep 25, 8:20 am)
Re: Chroot bug (was: sys_chroot+sys_fchdir Fix)
, Alan Cox
, (Tue Sep 25, 8:30 am)
Re: Chroot bug (was: sys_chroot+sys_fchdir Fix)
, Adrian Bunk
, (Tue Sep 25, 8:32 am)
Re: Chroot bug
, David Newall
, (Tue Sep 25, 8:35 am)
Re: Chroot bug
, Miloslav Semler
, (Tue Sep 25, 8:39 am)
Re: Chroot bug
, David Newall
, (Tue Sep 25, 8:41 am)
Re: Chroot bug
, Miloslav Semler
, (Tue Sep 25, 8:43 am)
Re: Chroot bug
, Jan Engelhardt
, (Tue Sep 25, 8:47 am)
Re: Chroot bug
, Alan Cox
, (Tue Sep 25, 8:48 am)
Re: Chroot bug
, Jan Engelhardt
, (Tue Sep 25, 8:48 am)
Re: Chroot bug
, Adrian Bunk
, (Tue Sep 25, 9:02 am)
Re: Chroot bug
, Miloslav Semler
, (Tue Sep 25, 9:19 am)
Re: Chroot bug
, Arjan van de Ven
, (Tue Sep 25, 9:33 am)
Re: Chroot bug
, Jan Engelhardt
, (Tue Sep 25, 9:52 am)
Re: Chroot bug
, Serge E. Hallyn
, (Tue Sep 25, 9:53 am)
Re: Chroot bug
, Miloslav Semler
, (Tue Sep 25, 10:00 am)
Re: Chroot bug
, Jan Engelhardt
, (Tue Sep 25, 10:05 am)
Re: Chroot bug
, Miloslav Semler
, (Tue Sep 25, 10:09 am)
Re: Chroot bug
, Al Viro
, (Tue Sep 25, 10:09 am)
Re: Chroot bug
, Miloslav Semler
, (Tue Sep 25, 10:19 am)
Re: Chroot bug
, David Newall
, (Tue Sep 25, 1:51 pm)
Re: Chroot bug
, David Newall
, (Tue Sep 25, 4:50 pm)
Re: Chroot bug
, Alan Cox
, (Tue Sep 25, 5:18 pm)
Re: Chroot bug
, Adrian Bunk
, (Tue Sep 25, 5:55 pm)
Re: Chroot bug
, Kyle Moffett
, (Tue Sep 25, 10:21 pm)
Re: Chroot bug
, Willy Tarreau
, (Tue Sep 25, 10:25 pm)
Re: Chroot bug
, David Newall
, (Wed Sep 26, 3:24 am)
Re: Chroot bug
, David Newall
, (Wed Sep 26, 3:27 am)
Re: Chroot bug
, Olivier Galibert
, (Wed Sep 26, 3:45 am)
Re: Chroot bug
, Alan Cox
, (Wed Sep 26, 3:47 am)
Re: Chroot bug
, David Newall
, (Wed Sep 26, 4:06 am)
Re: Chroot bug
, David Newall
, (Wed Sep 26, 4:13 am)
Re: Chroot bug
, Alan Cox
, (Wed Sep 26, 4:20 am)
Re: Chroot bug
, Kyle Moffett
, (Wed Sep 26, 5:54 am)
Re: Chroot bug
, Miloslav Semler
, (Wed Sep 26, 6:11 am)
Re: Chroot bug
, Bongani Hlope
, (Wed Sep 26, 6:13 am)
Re: Chroot bug
, linux-os (Dick Johnson)
, (Wed Sep 26, 6:18 am)
Re: Chroot bug
, Al Viro
, (Wed Sep 26, 6:42 am)
Re: Chroot bug
, Kyle Moffett
, (Wed Sep 26, 7:02 am)
Re: Chroot bug
, Miloslav Semler
, (Wed Sep 26, 7:51 am)
Re: Chroot bug
, Miloslav Semler
, (Wed Sep 26, 8:01 am)
Re: Chroot bug
, Olivier Galibert
, (Wed Sep 26, 8:02 am)
Re: Chroot bug (was: sys_chroot+sys_fchdir Fix)
, Bodo Eggert
, (Wed Sep 26, 12:23 pm)
Re: Chroot bug
, Jiri Kosina
, (Thu Sep 27, 6:49 am)
Navigation
Create content
Mailing list archives
Recent posts
Popular discussions
linux-kernel
:
Ingo Molnar
Re: [patch 00/13] Syslets, "Threadlets", generic AIO support, v3
Vivek Goyal
[PATCH] x86_64: Display more intutive error message if kernel is not 2MB aligned
Andi Kleen
[PATCH] [0/35] Some x86 2.6.22 candidate patches for review
Andrew Morton
Re: [PATCH] lazy freeing of memory through MADV_FREE 2/2
Peter Zijlstra
Re: [RFC PATCH 1/2] Marker probes in futex.c
git
:
Felipe Contreras
Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
Johannes Schindelin
[PATCH] fetch: refuse to fetch into the current branch in a non-bare repository
Johannes Schindelin
Re: [PATCH] Fix install-doc-quick target
Peter Oberndorfer
Subject: [PATCH] fix stg edit command
Nicolas Pitre
Re: About git and the use of SHA-1
linux-netdev
:
Ursula Braun
[patch 2/8] [PATCH] af_iucv: sync sk shutdown flag if iucv path is quiesced
David Dillow
Re: [PATCH 2.6.30-rc4] r8169: avoid losing MSI interrupts
Andi Kleen
Re: RFC: Nagle latency tuning
Paul E. McKenney
Re: [PATCH 1/3] rcu: Introduce hlist_nulls variant of hlist
Russell King
Re: [BUG] New Kernel Bugs
git-commits-head
:
Linux Kernel Mailing List
sh: Fix compile error by operands(mov.l) in sh3/entry.S
Linux Kernel Mailing List
New device ID for sc92031 [1088:2031]
Linux Kernel Mailing List
e1000e: Expose MDI-X status via ethtool change
Linux Kernel Mailing List
powerpc/kexec: Add support for FSL-BookE
Linux Kernel Mailing List
drivers/acpi: use kasprintf
openbsd-misc
:
Andres Salazar
About priorities in /etc/resolv.conf
Rob Shepherd
x86 hardware for router system
Henning Brauer
Re: Sun Blade 1000?
Mitja Muženič
Re: isakmpd -- NCP IPsec client: peer proposed invalid phase 2 IDs
Damien Miller
Re: Patching a SSH 'Weakness'
Colocation donated by:
Syndicate
