On Thursday 30 October 2008 00:48:00 Robert Connolly wrote:
> The problem I have with these, and all other chroot tools, is that
> they run the target program inside the chroot, not outside, so it
> doesn't work with an empty chroot. named, ntpd, etc, start as root,
> chroot to an empty directory, then drop root.
Obviously. What you need is either link all binaries you ever want to
chroot with a specially crafted library (that would read env and perform
chroot, setuid, whatever...) or such library can be ${LD_PRELOAD}ed.
Other then that, only patching the application seems viable. Or,
perhaps, we can patch the ld.so to perform chroot/setuid based on env
variables just after it loads all shared objects for the started
application.
> Can any of you make something usable enough to submit to kernel.org?
> or think this not a wise idea?
I don't think this is reasonable.
And I remembered another way. You can ptrace the target binary, set
breakpoint at the beginning of main() and once there, inject chroot/sid
call or whatever you need. _This_is_the_hard_way_.
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
