tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: security implications: ptyfs + mount_null + chroot



In article <20120329211648.GB1256%yamaha.dberg.net@localhost>,
Dave B  <spam%y2012.dberg.net@localhost> wrote:
>** The short version:
>
>  What security implications are there of doing a "null" mount of
>/dev/pts on to directory that will be used under a chroot'ed
>environment?  How easily, if at all, could the resulting access to
>ptys which might have been opened in the parent environment be a
>vulnerability?
>
>  In addition, how iron-clad is chroot now considered to be anyway?

It will not work. I believe that there is code there to prevent more than
one mount, but initially when I wrote it I was planning to allow multiple
mounts that displayed only the ptys that were associated with processes
that had visibility to that root. It would be a fun project to do; it is
not too hard.

christos



Home | Main Index | Thread Index | Old Index