Re: [dev] [quark] Performance issues

From: Markus Wichmann <nullplan_AT_gmx.net>
Date: Wed, 25 Sep 2019 16:06:52 +0200

On Wed, Sep 25, 2019 at 08:20:52AM +0200, Laslo Hunhold wrote:
> chroot() should never be optional. unveil() might bring the same
> effect, but the unveil()-wrapper in quark doesn't do anything on Linux.
>

chroot() has several detrimental effects, most importantly making it
impossible to access /dev/null and /dev/urandom. Unless, of course,
measures are taken to replicate these devices underneath the new root.

It is also not a security device. If a service in a chroot is exploited
with root privileges, it can mount procfs wherever, and access
/proc/1/root. It can also mount another instance of the rootfs wherever
and escape the jail that way.

>
> With best regards
>
> Laslo
>

Ciao,
Markus
Received on Wed Sep 25 2019 - 16:06:52 CEST

This archive was generated by hypermail 2.3.0 : Wed Sep 25 2019 - 16:24:08 CEST