Re: [PATCH] sys_chroot() hook for additional chroot() jails enforcing

["Lorenzo Hernández García-Hierro" <lorenzo@gnu.org>]

[-- Attachment #1: Type: text/plain, Size: 1000 bytes --]

El lun, 07-02-2005 a las 16:50 -0600, Serge E. Hallyn escribió:
> Hi,
> 
> If I understood you correct earlier, the only policy you needed to
> enforce was to prevent double-chrooting.  If that is the case, why is it
> not sufficient to keep a "process-has-used-chroot" flag in
> current->security which is set on the first call to
> capable(CAP_SYS_CHROOT) and inherited by forked children, after which
> calls to capable(CAP_SYS_CHROOT) are refused?
> 
> Of course if you need to do more, then a hook might be necessary.

Yeah, checking that process is chrooted using the current macro and
denying if capable() gets it trying to access CAP_SYS_CHROOT it's the
way that vSecurity currently does it.

But the hook will have to handle some chdir enforcing that can't be done
with current hooks, I will explain it further tomorrow.

It's too late here ;)

Cheers,
-- 
Lorenzo Hernández García-Hierro <lorenzo@gnu.org> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]

[-- Attachment #2: Esta parte del mensaje está firmada digitalmente --]
[-- Type: application/pgp-signature, Size: 189 bytes --]