Forum OpenACS Q&A: Response to Bugtraq: Oracle security

Collapse
Posted by Rodger Donaldson on
How easy is it to break chroot?  Google on it.  You'll find source and binaries for Solaris and Linux.

It requires you to get root in the chroot() environment; if your chroot() environment is running a minimal set of tools and libraries  then chroot() is a useful addition to security, protecting the rest of the system from a poorly written daemon - even if the user breaks into the chroot jail, they probably won't be able to elevate privs to the level needed to make breaking the jail easy.

OTOH, if the daemon requires a cast of thousands of libraries and executables (think Oracle, Vignette, etc) and you can't link statically, then all those support files provide ample opportunities for local root exploits, which can then be used to trivially break the chroot() environment.

Finally, think about what you're trying to protect against.  If the stuff the attacker values is available in the chroot() jail, what did you win?