[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: chroot and su



On Thu, 20 Sep 2001, Tzafrir Cohen wrote:

> Hi
>
> I want to run a certain daemon in a chroot jail. Since that daemon has no
> support for running in a chroot, I'll have to run it as a user. This means
> that I have to add some sort of 'su' into the chroot jail.
>
> Any way of avoiding that extra binary? I remember reading somewhere about
> a program called 'suchroot' r 'suchroot' that does both things (and thus I
> can avoid adding binaries to the chroot jail). But I couldn't find it or
> anything similar. A couple of web searches I've tried have given no better
> solution.
>
> Any suggestions/pointers?

Someone suggested in private mail making te binary SUID (to a non-root
user) and thus avoiding te need for su. Assuming that tere is no problem
with making it SUID (e.g:  I don't need to set LD_LIBRARY_PATH), should
this prevent the process from escaping the chroot jail?

-- 
Tzafrir Cohen
mailto:tzafrir@technion.ac.il
http://www.technion.ac.il/~tzafrir


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il