Re: Chroot bug

From: Alan Cox
Date: Wed Sep 26 2007 - 10:03:56 EST


On Wed, 26 Sep 2007 13:34:53 +0200
Miloslav Semler <majkls@xxxxxxxxxxx> wrote:

> Alan Cox napsal(a):
> >> but many program use this as security feature. So do you think that bind
> >> may use vserver?
> >>
> >
> > It would be a lot stronger if it did. A bind running non-root will be
> > probably safe. A bind running as root can be attacked and break out of a
> > chroot trivially. I guess it depends how you run bind.
> >
> but not bind with selinux. It can chroot, but not does other things. So
> there is an question: Why we do not fix it. Tell me please some other
> reason than "you can workaround chroot other ways".

If you are using SELinux you don't need chroot for the security in the
first place you can use labels and LSM modules can also handle things
like ptrace which permit trivial escapes.

Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/