Re: security implications: ptyfs + mount_null + chroot

To: tech-security%netbsd.org@localhost
Subject: Re: security implications: ptyfs + mount_null + chroot
From: christos%astron.com@localhost (Christos Zoulas)
Date: Fri, 30 Mar 2012 00:11:40 +0000 (UTC)

In article <20120329211648.GB1256%yamaha.dberg.net@localhost>,
Dave B  <spam%y2012.dberg.net@localhost> wrote:
>** The short version:
>
>  What security implications are there of doing a "null" mount of
>/dev/pts on to directory that will be used under a chroot'ed
>environment?  How easily, if at all, could the resulting access to
>ptys which might have been opened in the parent environment be a
>vulnerability?
>
>  In addition, how iron-clad is chroot now considered to be anyway?

It will not work. I believe that there is code there to prevent more than
one mount, but initially when I wrote it I was planning to allow multiple
mounts that displayed only the ptys that were associated with processes
that had visibility to that root. It would be a fun project to do; it is
not too hard.

christos

Follow-Ups:
- Re: security implications: ptyfs + mount_null + chroot
  - From: Joerg Sonnenberger

References:
- security implications: ptyfs + mount_null + chroot
  - From: Dave B

Prev by Date: security implications: ptyfs + mount_null + chroot
Next by Date: apply for Google Summer Code project
Previous by Thread: security implications: ptyfs + mount_null + chroot
Next by Thread: Re: security implications: ptyfs + mount_null + chroot
Indexes:

Home | Main Index | Thread Index | Old Index