Re: Chroot bug

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Jan Engelhardt <jengelh@...>

Cc: Serge E. Hallyn <serge@...>, Bill Davidsen <davidsen@...>, Philipp Marek <philipp@...>, <7eggert@...>, Alan Cox <alan@...>, majkls <majkls@...>, <bunk@...>, <linux-kernel@...>

Subject: Re: Chroot bug

Date: Tuesday, September 25, 2007 - 4:51 pm

Jan Engelhardt wrote:
quoted text> On Sep 26 2007 01:11, David Newall wrote:
>   
>> Jan Engelhardt wrote:
>>     
>>> On Sep 26 2007 00:40, David Newall wrote:
>>>   
>>>       
>>>> Miloslav Semler pointed out that a root process can chdir("..") out of its
>>>> chroot.
>>>>         
>>> So what? Just do this: chdir into the root after chroot.
>>>       
>> I don't think so.  His exploit just got me all the way out of a chroot within a
>> chroot within a chroot, inclusive of lots of chdirs.
>>     
>
> Close all fds that point to directories outside the root ;-)
>   

Nope, still gets out.
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: sys_chroot+sys_fchdir Fix, Bodo Eggert, (Thu Sep 20, 7:13 am)

Re: sys_chroot+sys_fchdir Fix, Philipp Marek, (Thu Sep 20, 7:59 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Thu Sep 20, 12:06 pm)

Re: sys_chroot+sys_fchdir Fix, Philipp Marek, (Thu Sep 20, 12:17 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Thu Sep 20, 2:02 pm)

Re: sys_chroot+sys_fchdir Fix, Bill Davidsen, (Thu Sep 20, 4:53 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Fri Sep 21, 4:29 am)

Re: sys_chroot+sys_fchdir Fix, Serge E. Hallyn, (Mon Sep 24, 5:32 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Mon Sep 24, 6:04 pm)

Re: sys_chroot+sys_fchdir Fix, Serge E. Hallyn, (Mon Sep 24, 7:02 pm)

Re: sys_chroot+sys_fchdir Fix, Serge E. Hallyn, (Mon Sep 24, 7:00 pm)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Tue Sep 25, 3:45 am)

Re: sys_chroot+sys_fchdir Fix, Serge E. Hallyn, (Tue Sep 25, 7:49 am)

Re: sys_chroot+sys_fchdir Fix, David Newall, (Tue Sep 25, 9:58 am)

Chroot bug (was: sys_chroot+sys_fchdir Fix), David Newall, (Tue Sep 25, 11:10 am)

Re: Chroot bug (was: sys_chroot+sys_fchdir Fix), Bodo Eggert, (Wed Sep 26, 3:23 pm)

Re: Chroot bug (was: sys_chroot+sys_fchdir Fix), Adrian Bunk, (Tue Sep 25, 11:32 am)

Re: Chroot bug, Miloslav Semler, (Tue Sep 25, 11:43 am)

Re: Chroot bug, Adrian Bunk, (Tue Sep 25, 12:02 pm)

Re: Chroot bug (was: sys_chroot+sys_fchdir Fix), Alan Cox, (Tue Sep 25, 11:30 am)

Re: Chroot bug, David Newall, (Tue Sep 25, 11:35 am)

Re: Chroot bug, Arjan van de Ven, (Tue Sep 25, 12:33 pm)

Re: Chroot bug, Alan Cox, (Tue Sep 25, 11:48 am)

Re: Chroot bug, David Newall, (Tue Sep 25, 7:50 pm)

Re: Chroot bug, Adrian Bunk, (Tue Sep 25, 8:55 pm)

Re: Chroot bug, Kyle Moffett, (Wed Sep 26, 1:21 am)

Re: Chroot bug, David Newall, (Wed Sep 26, 6:27 am)

Re: Chroot bug, Kyle Moffett, (Wed Sep 26, 8:54 am)

Re: Chroot bug, Miloslav Semler, (Wed Sep 26, 9:11 am)

Re: Chroot bug, Kyle Moffett, (Wed Sep 26, 10:02 am)

Re: Chroot bug, Miloslav Semler, (Wed Sep 26, 11:01 am)

Re: Chroot bug, Jiri Kosina, (Thu Sep 27, 9:49 am)

Re: Chroot bug, Al Viro, (Wed Sep 26, 9:42 am)

Re: Chroot bug, Miloslav Semler, (Wed Sep 26, 10:51 am)

Re: Chroot bug, Olivier Galibert, (Wed Sep 26, 6:45 am)

Re: Chroot bug, David Newall, (Wed Sep 26, 7:13 am)

Re: Chroot bug, Olivier Galibert, (Wed Sep 26, 11:02 am)

Re: Chroot bug, linux-os (Dick Johnson), (Wed Sep 26, 9:18 am)

Re: Chroot bug, Willy Tarreau, (Wed Sep 26, 1:25 am)

Re: Chroot bug, Alan Cox, (Tue Sep 25, 8:18 pm)

Re: Chroot bug, David Newall, (Wed Sep 26, 6:24 am)

Re: Chroot bug, Alan Cox, (Wed Sep 26, 6:47 am)

Re: Chroot bug, David Newall, (Wed Sep 26, 7:06 am)

Re: Chroot bug, Bongani Hlope, (Wed Sep 26, 9:13 am)

Re: Chroot bug, Alan Cox, (Wed Sep 26, 7:20 am)

Re: Chroot bug, Jan Engelhardt, (Tue Sep 25, 11:47 am)

Re: Chroot bug (was: sys_chroot+sys_fchdir Fix), Jan Engelhardt, (Tue Sep 25, 11:20 am)

Re: Chroot bug, Miloslav Semler, (Tue Sep 25, 11:39 am)

Re: Chroot bug, David Newall, (Tue Sep 25, 11:41 am)

Re: Chroot bug, Jan Engelhardt, (Tue Sep 25, 11:48 am)

Re: Chroot bug, David Newall, (Tue Sep 25, 4:51 pm)

Re: Chroot bug, Miloslav Semler, (Tue Sep 25, 12:19 pm)

Re: Chroot bug, Serge E. Hallyn, (Tue Sep 25, 12:53 pm)

Re: Chroot bug, Jan Engelhardt, (Tue Sep 25, 12:52 pm)

Re: Chroot bug, Miloslav Semler, (Tue Sep 25, 1:00 pm)

Re: Chroot bug, Jan Engelhardt, (Tue Sep 25, 1:05 pm)

Re: Chroot bug, Al Viro, (Tue Sep 25, 1:09 pm)

Re: Chroot bug, Miloslav Semler, (Tue Sep 25, 1:19 pm)

Re: Chroot bug, Miloslav Semler, (Tue Sep 25, 1:09 pm)

Re: sys_chroot+sys_fchdir Fix, majkls, (Thu Sep 20, 8:52 am)


linux-kernel:
Rafael J. Wysocki	[Bug #11209] 2.6.27-rc1 process time accounting
Linus Torvalds	Linux 2.6.27-rc8
alan	Re: Thinking outside the box on file systems
H. Peter Anvin	Re: What to do about the 2TB limit on HDIO_GETGEO ?
git:

linux-netdev:
Gerrit Renker	[PATCH 15/37] dccp: Set per-connection CCIDs via socket options
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
KOSAKI Motohiro	[bug?] tg3: Failed to load firmware "tigon/tg3_tso.bin"
openbsd-misc:

Re: Chroot bug

Online users