Re: [dev] [PATCH] sbase: add chroot

From: pancake <pancake_AT_youterm.com>
Date: Wed, 1 Aug 2012 17:00:23 +0200

That is vulnerable on linux. Proper use is:

chdir (path); chroot(".");



On Aug 1, 2012, at 16:50, Strake <strake888_AT_gmail.com> wrote:

> diff -r 8cf300476909 chroot.8
> --- /dev/null Thu Jan 01 00:00:00 1970 +0000
> +++ b/chroot.8 Wed Aug 01 04:46:43 2012 -0500
> _AT_@ -0,0 +1,25 @@
> +.TH CHROOT 8
> +.SH NAME
> +chroot \- change root directory
> +.SH SYNOPSIS
> +.B chroot
> +.I path
> +[
> +.I x
> +[
> +.I argument ...
> +]
> +]
> +.SH OPERATION
> +.B chroot
> +changes the root directory to
> +.I path
> +and starts
> +.I x
> +with
> +.I arguments
> +, or
> +.B $SHELL -i
> +if no
> +.I x
> +given.
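Review bot: the OPERATION text does not say how x is located, and chroot.c runs it with execv, so x is taken as a pathname after the root has changed and is never searched for in PATH; document that here. Two smaller points in the same section: ".I arguments" followed by ", or" on its own line renders as "arguments , or" (use ".IR arguments ,"), and the synopsis calls the operand "argument ..." while the text calls it "arguments". The last sentence should read "if no x is given".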
> diff -r 8cf300476909 chroot.c
> --- /dev/null Thu Jan 01 00:00:00 1970 +0000
> +++ b/chroot.c Wed Aug 01 04:46:43 2012 -0500
> _AT_@ -0,0 +1,22 @@
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <unistd.h>
> +#include "util.h"
> +
> +int main (int argc, char *argu[]) {
> + if (argc < 2) {
> + fputs ("No new root path given\n", stderr);
> + exit (1);
> + }
> + if (chroot (argu[1])) eprintf ("chroot:");
> + if (argc == 2) {
> + char *x;
> + x = getenv ("SHELL");
> + if (!x) {
> + fputs ("chroot: SHELL not set\n", stderr);
> + return 1;
> + }
> + if (execl (x, x, "-i", (char *)0) < 0) eprintf ("chroot: %s:", x);
> + }
> + else if (execv (argu[2], argu + 2) < 0) eprintf ("chroot: %s:", argu[2]);
> +}
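Review bot: chroot (argu[1]) is called with no chdir before or after it, so the process and whatever it execs keep a working directory outside the new root; change it to chdir (argu[1]) followed by chroot ("."), with both return values checked, before either exec. Also, main has no return after the exec branches, so unless eprintf exits, a failed execl or execv falls off the end of main and reports success; return non-zero there. The "< 0" tests on execl and execv are redundant, since exec only returns on failure.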
>
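The chdir-then-chroot order from the reply above, written out with error handling, as an added example (not code from the patch or from sbase). enter_root is a hypothetical helper name; on failure it restores the original working directory, and on success it closes the descriptor it held on the old directory so no handle outside the new root survives.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE         /* chroot() and fchdir() on glibc */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* enter_root: hypothetical helper, not part of sbase.
 * Moves the working directory into `path` first, then makes "." the root.
 * Returns 0 on success, -1 with errno set on failure. */
int enter_root(const char *path)
{
    int saved, err;

    /* Remember the current directory so a failure can be undone. */
    saved = open(".", O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (saved < 0)
        return -1;
    if (chdir(path) == 0 && chroot(".") == 0) {
        close(saved);           /* an fd on the old cwd is a way back out */
        return 0;
    }
    err = errno;                /* keep the chdir/chroot error for the caller */
    if (fchdir(saved) < 0)
        perror("fchdir");
    close(saved);
    errno = err;
    return -1;
}

int main(int argc, char *argv[])
{
    if (argc < 3) {
        fprintf(stderr, "usage: %s newroot command [args...]\n", argv[0]);
        return 2;
    }
    if (enter_root(argv[1]) < 0) {
        fprintf(stderr, "%s: %s\n", argv[1], strerror(errno));
        return 1;
    }
    execv(argv[2], argv + 2);   /* pathname is resolved inside the new root */
    perror(argv[2]);            /* reached only if execv failed */
    return 1;
}
```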
Received on Wed Aug 01 2012 - 17:00:23 CEST