Exit from os.chroot()
Remy Blank
remy.blank at pobox.com
Wed Jun 4 16:23:06 EDT 2008
Thomas Bellman wrote:
> That might not be the best idea... Suddenly the chroot:ed
> program has access to the real /usr/bin; and since it likely is
> running as root (it was allowed to call chroot()), it can do bad
> things to the things in /usr/bin.
If a chrooted process is running as root, it can very easily break out
of the chroot anyway. So...
> Also remember, a chroot:ing process should permanently relinquish
> its privileges as soon as possible after chroot:ing. There are
> way too many fun things a root-running process can do even when
> chroot:ed, like creating device files or setuid binaries.
...this is imperative.
> All this is of course assuming that the chroot is done for
> security reasons.
But here's something that might be interesting:
http://kerneltrap.org/Linux/Abusing_chroot
Short story: chroot is not and never has been a security tool.
-- Remy
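The "chroot, then permanently relinquish privileges" sequence discussed above, as an added Python example that is not code from the thread. The ordering is the substance: chroot() and setgroups() need root, so they come first; chdir("/") keeps the working directory inside the jail; setuid() rather than seteuid() leaves no saved uid to return to. The `ops` parameter is an assumption added so the sequence can be unit-tested with a stand-in for the os module; in real use it is simply the real `os`.

```python
import os


def enter_jail_and_drop_root(root_dir, uid, gid, ops=os):
    """Chroot into root_dir, then give up root for good.

    `ops` defaults to the real os module; it is only a parameter so the
    call order can be exercised without actually running as root.
    Returns True once regaining root has been verified to fail.
    """
    if ops.getuid() != 0:
        # Only root (CAP_SYS_CHROOT) may chroot; fail early and loudly.
        raise PermissionError("chroot() requires root")

    ops.chroot(root_dir)
    ops.chdir("/")          # cwd must be inside the new root, not left outside it

    # Drop supplementary groups, then the gid, then the uid. Each later
    # step removes the privilege the earlier one needs, so this order
    # is the only one that works.
    ops.setgroups([])
    ops.setgid(gid)
    ops.setuid(uid)         # setuid(), not seteuid(): no saved uid to come back to

    # Verify the drop is permanent: an attempt to become root must fail.
    try:
        ops.setuid(0)
    except PermissionError:
        return True
    raise RuntimeError("privileges were not dropped permanently")
```

Run with a real `os` the function must be called as root; the stand-in used in testing simply records the calls and enforces the same "non-root may not change ids" rule the kernel does.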