tech-security archive


Re: Relax the prohibition of usage fchdir(2) to quit a chroot



On Sep 20, 2014, at 5:02 PM, Kamil Rytarowski <n54%gmx.com@localhost> wrote:

> Hello,
> 
> There is a security feature in sys_fchdir [1] with the following comment: 
>        /*  
>         * Disallow changing to a directory not under the process's
>         * current root directory (if there is one). 
>         */

Yes, that's intentional.  Even if you get sent a fd to a directory outside of the
chroot, it won't do you any good.  The rule is inviolate.

> This feature actually kills functionality of i.e. misc/rpm with the '--root' 
> feature.

So it's broken by design. :)

> Linux by default doesn't make this restriction, it's enabled i.e. with 
> grsecurity [2].
> I need to use this feature without tools like fakechroot, so am I free to 
> propose a patch swapping this feature on and off in runtime with sysctl?

In my humble personal opinion, hell no.

> My proposition is:
> security.chroot.allow_fchdir_out_of_chroot (sorry I'm bad at brief names).

How about security.chroot.just_kidding?

> Maybe try to implement other chroot restrictions and make them swappable in 
> runtime as well?

Again, my opinion, absolutely not.  It's not broken, and doesn't need to be broken.

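The rule the reply defends, "a directory fd is only usable with fchdir(2) if the directory is under the process root", can also be applied in userland, for instance by a privilege-separated daemon that receives directory fds over a socket and runs on a kernel that does not enforce the check itself. The following C program is an added example written for this page; it is not code from the mail, from NetBSD or from grsecurity. It models the kernel's test by walking ".." from the candidate directory with openat() and comparing (st_dev, st_ino) pairs, which is the same idea the kernel applies to vnodes. The function names dir_is_under_root and demo, and the /tmp scratch tree the demo builds, are assumptions made for the example.

```c
/* Added example (not from the mail or from NetBSD): a userland model of the
 * "is this directory under the process root?" test that sys_fchdir applies. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Two stat results name the same directory when device and inode match. */
static int same_dir(const struct stat *a, const struct stat *b) {
    return a->st_dev == b->st_dev && a->st_ino == b->st_ino;
}

/* Walk from dirfd up through ".." until we either meet rootfd (return 1) or
 * reach the filesystem root, whose ".." is itself, without meeting it
 * (return 0). Returns -1 on a system-call failure. Hypothetical name. */
int dir_is_under_root(int rootfd, int dirfd) {
    struct stat root_st, cur_st, parent_st;
    if (fstat(rootfd, &root_st) == -1 || fstat(dirfd, &cur_st) == -1)
        return -1;
    int cur = dup(dirfd);           /* own a copy so the caller's fd is untouched */
    if (cur == -1)
        return -1;
    for (;;) {
        if (same_dir(&cur_st, &root_st)) { close(cur); return 1; }
        int parent = openat(cur, "..", O_RDONLY | O_DIRECTORY);
        if (parent == -1) { close(cur); return -1; }
        if (fstat(parent, &parent_st) == -1) { close(parent); close(cur); return -1; }
        if (same_dir(&parent_st, &cur_st)) {
            /* ".." of "/" is "/": we climbed past the supposed root, so the
             * candidate lies outside it. */
            close(parent); close(cur); return 0;
        }
        close(cur);
        cur = parent;
        cur_st = parent_st;
    }
}

/* Build a constructed scratch tree base/jail/inside and base/outside, treat
 * base/jail as the "chroot root", and check both verdicts. Returns 1 when
 * inside is accepted and outside is rejected. Hypothetical name. */
int demo(void) {
    char base[] = "/tmp/fchdir-demo-XXXXXX";
    if (mkdtemp(base) == NULL)
        return 0;
    char jail[128], inside[128], outside[128];
    snprintf(jail, sizeof jail, "%s/jail", base);
    snprintf(inside, sizeof inside, "%s/jail/inside", base);
    snprintf(outside, sizeof outside, "%s/outside", base);
    int ok = 0;
    if (mkdir(jail, 0700) == 0 && mkdir(inside, 0700) == 0 && mkdir(outside, 0700) == 0) {
        int rootfd = open(jail, O_RDONLY | O_DIRECTORY);
        int infd = open(inside, O_RDONLY | O_DIRECTORY);
        int outfd = open(outside, O_RDONLY | O_DIRECTORY);
        if (rootfd != -1 && infd != -1 && outfd != -1)
            ok = dir_is_under_root(rootfd, infd) == 1 &&
                 dir_is_under_root(rootfd, outfd) == 0;
        if (rootfd != -1) close(rootfd);
        if (infd != -1) close(infd);
        if (outfd != -1) close(outfd);
    }
    rmdir(inside); rmdir(outside); rmdir(jail); rmdir(base);
    return ok;
}

int main(void) {
    printf("inside accepted, outside rejected: %s\n", demo() ? "yes" : "no");
    return 0;
}
```

A daemon would call dir_is_under_root(rootfd, received_fd) with rootfd opened before chroot(2) and refuse to fchdir(2) when the answer is not 1; treating -1 (a failed stat or openat) as a refusal keeps the rule fail-closed.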
