Using chroot() (was:) Secure (regular) Scripts
Mike Macgirvin
mike at relgyro.stanford.edu
Sat Dec 23 04:59:11 AEST 1989
In article <1989Dec21.164033.14762 at ultra.com>rmg at ultra.com(Rich Geiger) writes:
>martin at mwtech.UUCP (Martin Weitzel) writes:
>>You should *very* strongly consider, to let those unprotected guest
>>logins run in a 'chroot'-ed environment.
>Seems like a very good precaution!
Yes, it SEEMS like a very good precaution. But one must also be
aware of the pitfalls of 'chroot'. The most obvious is that only 'root'
can 'chroot'. This creates a small problem with running a shell script
as the login, because it has to be setuid root in order to perform the
chroot operation. The pitfalls of setuid scripts have been discussed at
length here. The other pitfalls of 'chroot' were mentioned by Rich, i.e.
the necessity of having all the right programs (and possibly libraries)
available in the chroot environment.
I attempted to to what the original poster asked; i.e. run a
secure anonymous login, without having to rewrite editors,pagers,etc.
There were a myriad of pitfalls. I even wrote a restricted shell to work
in the chroot environment. Eventually, the work done to secure the darn
thing was more work than writing an editor,pager, and minimal 'secure' OS
to run under Unix, i.e. a 'bbs'. I recommend digging up a bbs program from
the archives and forget about trying to secure a shell script...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Mike Macgirvin Relativity Gyroscope Experiment (GP-B) +
+ mike at relgyro.stanford.edu (36.64.0.50) +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
More information about the Comp.unix.wizards
mailing list