Subject: Re: chroot jail for ftpd
To: Jonathan Stone <jonathan@DSG.Stanford.EDU>
From: Jason R Thorpe <thorpej@wasabisystems.com>
List: tech-kern
Date: 10/18/2001 15:22:36
On Thu, Oct 18, 2001 at 03:11:26PM -0700, Jonathan Stone wrote:
> I was acutlally wondering about hacking ld.{elf_}so -- or wherever
> LD_PRELOAD and LD_LIBRARY_PATH are acutally implemented; <dlfcn.h>? --
> to check each element of a path and check for crossing over mountpoints
> which are mounted noexec, and skipping those search-paths altogether.
>
> Not to close the security loophole -- we agree on the right place for
> that -- but to give cleaner semantics to anyone fishing for loopholes.
...except you wouldn't want to do that... because a perfectly legitimate
configuration might be to have a "noexec" /u1/ftp and a nullfs r/o mounted
on /u1/ftp/bin that has some executables in it that the FTP server is
allowed to run (just as an example).
--
-- Jason R. Thorpe <thorpej@wasabisystems.com>