List processes in a chroot


Post by __nico__ » Sat Dec 23, 2006 8:10 pm

Is there a way to list all the processes that are in the same jail?
I know that FreeBSD jail can do that but is there something equivalent in grsecurity?

Thanks
__nico__
 
Posts: 1
Joined: Sat Dec 23, 2006 8:07 pm

This used to work for me

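Post by Alexei.Sheplyakov » Wed Jan 03, 2007 5:15 pm

Code:
CHROOT="/path/to/chroot"
PROCS=""
# pid= suppresses the ps header line; reading /proc/PID/root of other
# users' processes requires root
for p in $(ps -o pid= -A); do
   # /proc/PID/root is a symlink to the root directory of the process
   if [ "$(readlink "/proc/$p/root")" = "$CHROOT" ]; then
      PROCS="$PROCS $p"
   fi
done
echo "Jailed in \"$CHROOT\": $PROCS"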
Alexei.Sheplyakov
 
Posts: 53
Joined: Sun Feb 19, 2006 11:48 am
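
The /proc/PID/root comparison from the post above, as an added example that is not part of the original thread. It goes beyond the single-jail case: it walks /proc directly, can list every process whose root is not /, normalises the jail path before comparing, and signals when root links could not be read. The names `list_chrooted` and `PROC_DIR` are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the thread. PROC_DIR is an assumed override
# so the function can be pointed at a constructed tree instead of /proc.
#
# list_chrooted [JAIL]
#   JAIL given : print "PID ROOT" for processes whose root is exactly JAIL.
#   JAIL absent: print "PID ROOT" for every process whose root is not "/".
# Returns 2 if any root link could not be read (the list may be incomplete).
list_chrooted() {
    proc_dir=${PROC_DIR:-/proc}
    want=${1:-}
    unreadable=0

    if [ -n "$want" ]; then
        # /proc/PID/root holds the resolved path: follow symlinks and drop
        # a trailing slash before comparing, or the match silently fails.
        resolved=$(cd -P -- "$want" 2>/dev/null && pwd -P) || resolved=${want%/}
        want=$resolved
    fi

    for d in "$proc_dir"/[0-9]*; do
        [ -d "$d" ] || continue
        pid=${d##*/}
        # readlink fails without privilege over the target process,
        # or when the process has exited since the directory was listed.
        if ! root=$(readlink "$d/root" 2>/dev/null); then
            unreadable=$((unreadable + 1))
            continue
        fi
        case $want in
            '') [ "$root" != "/" ] || continue ;;
            *)  [ "$root" = "$want" ] || continue ;;
        esac
        printf '%s %s\n' "$pid" "$root"
    done

    if [ "$unreadable" -gt 0 ]; then
        echo "warning: $unreadable root link(s) unreadable, rerun as root" >&2
        return 2
    fi
}
```

Call it as `list_chrooted /path/to/chroot` for one jail, or with no argument to audit the whole host.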

Post by spender » Wed Jan 03, 2007 9:24 pm

grsecurity's chroot restrictions can enforce that users inside a chroot jail can only view processes within the same jail.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Post by Alexei.Sheplyakov » Fri Jan 05, 2007 6:53 am

spender wrote: grsecurity's chroot restrictions can enforce that users inside a chroot jail can only view processes within the same jail.


Yes, so if /proc is mounted inside a jail (usually it is not) one can do

Code:
chroot /path/to/jail ps -A
Alexei.Sheplyakov
 
Posts: 53
Joined: Sun Feb 19, 2006 11:48 am

