[Bug 121073] [kernel] [patch] run chroot as an unprivileged user
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Jun 16 16:13:24 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=121073
--- Comment #9 from Nathan Whitehorn <nwhitehorn at FreeBSD.org> ---
There are, I think, two potential security issues here:
1. Many pieces of software assume that if you chroot and drop privileges, no
further chroot is possible.
2. There could be sneaky ways of obtaining privileges once no-new-privileges is
set.
(1) is pretty straightforward since we can just disallow unprivileged chroot
after any other chroot. (2) is the complex one. Are there others?
Some no-cred-change property for processes seems extremely useful from a
security perspective and, if we have one we could trust, this patch becomes
trivial. Would it make sense just to work on that first and come back to
unprivileged chroot later?
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-arch
mailing list