Re: [dev] [PATCH] sbase: add chroot

pancake Wed, 01 Aug 2012 08:00:58 -0700

That is vulnerable on linux. Proper use is:

chdir (path); chroot(".");




On Aug 1, 2012, at 16:50, Strake <strake...@gmail.com> wrote:

> diff -r 8cf300476909 chroot.8
> --- /dev/null    Thu Jan 01 00:00:00 1970 +0000
> +++ b/chroot.8    Wed Aug 01 04:46:43 2012 -0500
> @@ -0,0 +1,25 @@
> +.TH CHROOT 8
> +.SH NAME
> +chroot \- change root directory
> +.SH SYNOPSIS
> +.B chroot
> +.I path
> +[
> +.I x
> +[
> +.I argument ...
> +]
> +]
> +.SH OPERATION
> +.B chroot
> +changes the root directory to
> +.I path
> +and starts
> +.I x
> +with
> +.I arguments
> +, or
> +.B $SHELL -i
> +if no
> +.I x
> +given.
> diff -r 8cf300476909 chroot.c
> --- /dev/null    Thu Jan 01 00:00:00 1970 +0000
> +++ b/chroot.c    Wed Aug 01 04:46:43 2012 -0500
> @@ -0,0 +1,22 @@
> +#include <stdio.h>
> +#include <stdlib.h>
> +#include <unistd.h>
> +#include "util.h"
> +
> +int main (int argc, char *argu[]) {
> +    if (argc < 2) {
> +        fputs ("No new root path given\n", stderr);
> +        exit (1);
> +    }
> +    if (chroot (argu[1])) eprintf ("chroot:");
> +    if (argc == 2) {
> +        char *x;
> +        x = getenv ("SHELL");
> +        if (!x) {
> +            fputs ("chroot: SHELL not set\n", stderr);
> +            return 1;
> +        }
> +        if (execl (x, x, "-i", (char *)0) < 0) eprintf ("chroot: %s:", x);
> +    }
> +    else if (execv (argu[2], argu + 2) < 0) eprintf ("chroot: %s:", argu[2]);
> +}
>

Re: [dev] [PATCH] sbase: add chroot

Reply via email to