
question about chroot restrictions

Posted: Sat May 15, 2004 11:08 am
by incognito_
I see a lot of nifty chroot restrictions, like refusing mount, mknod etc., but I thought those would require root inside the jail anyway. Does this mean you can't break out of a grsec-chroot even if you have root?

Re: question about chroot restrictions

Posted: Tue May 25, 2004 6:38 pm
by PaX Team
incognito_ wrote: I see a lot of nifty chroot restrictions, like refusing mount, mknod etc., but I thought those would require root inside the jail anyway. Does this mean you can't break out of a grsec-chroot even if you have root?
yes, that's the whole point. whether there're still holes left is hard to tell, but it's certainly better than what other systems provide (spender wrote an article on this topic for the french MISC magazine last year).