Re: [RFC][PATCH-2.4] Prevent mounting on ".."

Willy TARREAU (willy@w.ods.org)
Sun, 29 Jun 2003 16:35:42 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ronghua Zhang: "How to send multiple TCP packets from a kernel thread ASAP?"
Previous message: viro@parcelfarce.linux.theplanet.co.uk: "Re: [RFC][PATCH-2.4] Prevent mounting on "..""

On Sun, Jun 29, 2003 at 03:27:25PM +0100, viro@parcelfarce.linux.theplanet.co.uk wrote:

> Sigh... We _can't_ do that via chroot(). Please, stop fooling yourself -
> if attacker gets control over root process, the fight is over. In particular,
> attacker can chmod your read-only directory and/or remount the thing.

not if the file-system is read-only by design (eg: romfs or anything like that)
or a read-only directory in /proc. To be honnest, I have another patch which
allows any process to chroot to /proc/self/empty. I know that it's not good
when the root is compromized. The attacker could do other things and even halt
the system. That's not what I'm trying to fight against. I'm only trying to
stop proliferation, and isolate the attacker into a place where the only tools
he can use are the ones he codes himself on the heap or stack, which is rather
limitating.

Cheers,
Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ronghua Zhang: "How to send multiple TCP packets from a kernel thread ASAP?"
Previous message: viro@parcelfarce.linux.theplanet.co.uk: "Re: [RFC][PATCH-2.4] Prevent mounting on "..""