1. chroot && mount -o bind && security
Is there a way to mount an already mounted filesystem using the
bind mount procedure by referencing the filesystem using a device?

Here's my idea:

Linux boots up with hda1 mounted as / and runs a custom init.
Some processes may be started at this point, or maybe not.

A 2nd filesystem, hda2, will be mounted at (the arbitrarily
chosen path of) /sys. The 2nd filesystem (with whatever else
gets mounted within there) is a complete run-time system.

The modified init will read /sys/etc/inittab and for every
process started according to that inittab, it will chroot()
the child to /sys before execve()-ing the specified program.

With /sys/etc/inittab being the startup for a complete system,
that system will really be running in the chroot context.

What few processes run in the original root context would be
restricted to doing things more securely, such as not running
servers which might be exploitable (this might mean running
nothing at all).

The question is whether, if a root process running in the hda2
context is exploited and totally controlled, can it then mount
hda1 some way to bypass the chroot barrier?

What I've tried so far suggests the answer might be "no". But
I cannot be sure I have tried everything (a common problem in
security analysis). So I'm hoping someone who has a better
understanding of how bound mount works (or at least is supposed
to work) might have some insight into this.

I've also considered using pivot_root(), but that ends up with
the original root being a subdirectory of the new root, and is
thus not really secure. I could then unmount the original root,
but then it can be mounted again by having a device node for
the original filesystem. So I think chroot() while keeping the
original root mounted (to prevent further mounting as long as
bind mount doesn't leak this) might make this more secure.

Of course it might be possible to write on the device itself.
But I think this can be more easily addressed.
--
-----------------------------------------------------------------
| Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ |
-----------------------------------------------------------------
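
Added example, not part of the original post: a C sketch of the child side of the modified init described above, which also removes the capabilities needed for mount(), device-node creation and further chroot() calls from the bounding set before execve(), plus a check of a /proc/<pid>/status capability mask. The helper names, the drop list and the sample status text are assumptions made for illustration, and it assumes the confined system never needs to mount anything itself.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>

/* Capability numbers as defined in <linux/capability.h>. */
static const int drop_list[] = {
    18, /* CAP_SYS_CHROOT: further chroot() calls */
    21, /* CAP_SYS_ADMIN: mount(), including bind mounts, and pivot_root() */
    27, /* CAP_MKNOD: creating a device node for hda1 */
};
#define NDROP (sizeof drop_list / sizeof drop_list[0])

/* Bits of `mask` that would let a chrooted root process reach the outer root. */
unsigned long long risky_caps(unsigned long long mask) {
    unsigned long long risky = 0;
    for (size_t i = 0; i < NDROP; i++)
        risky |= mask & (1ULL << drop_list[i]);
    return risky;
}

/* Read the hex mask from the "CapEff:" line of /proc/<pid>/status text. */
int parse_capeff(const char *status, unsigned long long *out) {
    const char *p = strstr(status, "CapEff:");
    char *end;
    if (!p) return -1;
    *out = strtoull(p + 7, &end, 16);
    return end == p + 7 ? -1 : 0;
}

/* Child side of the modified init (hypothetical helper); must run as root. */
int confine_and_exec(const char *newroot, char *const argv[]) {
    if (chroot(newroot) != 0 || chdir("/") != 0) return -1;
    /* Bounding-set drops survive execve(), so the new program starts without these. */
    for (size_t i = 0; i < NDROP; i++)
        if (prctl(PR_CAPBSET_DROP, (unsigned long)drop_list[i], 0UL, 0UL, 0UL) != 0)
            return -1;
    execv(argv[0], argv);
    return -1; /* only reached if execv() failed */
}

int main(void) {
    /* Constructed sample: an unconfined root process holding every capability. */
    unsigned long long m;
    if (parse_capeff("Name:\tsh\nCapEff:\t000001ffffffffff\n", &m) != 0) return 1;
    printf("risky capabilities still held: 0x%llx\n", risky_caps(m));
    return 0;
}
```

Running the same check against the CapEff line of a process started through confine_and_exec() should report 0.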