On Friday September 22 2006 11:35, Ira Abramov wrote:
> Quoting Michael Jaffe, from the post of Fri, 22 Sep:
> > After setting up a chroot jail, two problems arose:
> > 1) In graphical mode, I am not able to login under any username except
> > root
>
> and you DO have other users in the chroot's shadow and passwd files?
>
> > 2) In terminal mode, whenever I try to execute the "login" command, the
> > shell closes
>
> describe that, please? because sounds like you really want to run "su".
> login will stop to ask for a password, that's what it does, and it's not
> your bash exiting, it's a fork. if you exit "login" you will get your
> propmt again.
>
> > I tried using the following command under root to reset chroot
> > chroot /
>
> won't work, that's why it's called a chroot JAIL. it can only be set
> DOWN the tree, not back up.
Not entirely correct, if you have some privileges, namely if you are still a
root user inside a chroot padded cell, you can easily break out by moving up
the tree with fchdir(open(".",O_RDONLY)), followed by a number of chdir("..")
and chrooting("."), eventually hitting the /. I think the BSD version of
chroot is sligtly more tricky to get out of. Also, there are numerous kernel
patches that restrict you from doing that. As usial when it comes to battle
of the minds, human factor plays the most important role.
--
Sincerely Yours,
Michael Vasiliev
"Besides a mathematical inclination, an exceptionally good mastery of one's
native tongue is the most vital asset of a competent programmer."
-- Edsger Wybe Dijkstra
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
