[plug] KaZaA for linux

Beau Kuiper kuiperba at cs.curtin.edu.au
Sun Jan 6 17:06:54 WST 2002


Oh,

Chroot DOES not work correctly unless you drop root permissions COMPLETELY 
after performing a chroot.

Root can break out of a chroot jail via
1) create a new directory
2) chroot to the new directory (now the current directory is outside of the 
process's chroot jail)
3) repetitively run cd .. until you think you are in the real root directory
4) run chroot . 

So, make sure you lose the root account after doing your chroot, otherwise 
chroot is useless.

Beau Kuiper
kuiperba at cs.curtin.edu.au

On Sun, 6 Jan 2002 16:43, Craig Foster wrote:
> background...
>
> KaZaA is a peer-to-peer file sharing system like Napster. It uses ncurses
> to display on a text terminal.
> It runs on port 1214 and talks to the main server to do searches for
> files.
>
> chroot is best given by example. If I put program KZA in /chroot, along
> with all the libraries necessary for KZA to run - recreating /lib,
> /usr/lib, /bin, /etc, /tmp *relative* to /chroot (eg /chroot/lib,
> /chroot/usr/lib, etc), I can then run "chroot /chroot /bin/KZA" and then
> KZA will only be able to see /lib, /usr/lib, etc ... but in reality it
> will be seeing /chroot/lib, etc.
>
> That way if someone hacks KZA, they can only EVER see what's in chroot,
> even if they have shell access...
>
> Very useful in instances such as bind 8, as a buffer overflow will kill
> named and run a command, but as the shell (named) has stopped, it will
> restart. But if it doesn't restart, the person can see my DNS records and
> THAT'S IT.
>
> Regards,
>
> Craig Foster
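
Added example, not written by either poster: the sequence the reply above calls for (chroot, then give up root completely and confirm it cannot be regained), in C. The helper names `enter_jail` and `jail_in_child` and the uid/gid 65534 are assumptions; `/chroot` is the jail path from the quoted message.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Enter the jail, then give up root for good. Returns 0 only if every step
 * succeeded and root can no longer be regained; -1 otherwise. */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) return -1;   /* staying root defeats the jail */
    if (chdir(dir) != 0) return -1;
    if (chroot(".") != 0) return -1;       /* needs root (CAP_SYS_CHROOT) */
    if (chdir("/") != 0) return -1;        /* cwd must be inside the new root */
    /* Order matters: supplementary groups and gid first, uid last, because
     * after setuid() the process may no longer change its groups. */
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;       /* as root: real, effective and saved */
    /* Verify the drop is permanent: regaining uid/gid 0 must now fail. */
    if (setuid(0) == 0 || seteuid(0) == 0 || setgid(0) == 0) return -1;
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    return 0;
}

/* Run enter_jail() in a child so the caller's own root directory is untouched.
 * Returns 0 if the child ended up jailed and unprivileged, 1 if any step failed. */
int jail_in_child(const char *dir, uid_t uid, gid_t gid)
{
    pid_t pid = fork();
    if (pid < 0) return 1;
    if (pid == 0)   /* a real daemon would start serving here on success */
        _exit(enter_jail(dir, uid, gid) == 0 ? 0 : 1);
    int status;
    if (waitpid(pid, &status, 0) < 0) return 1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : 1;
}

int main(void)
{
    /* 65534 is an assumed unprivileged uid/gid (commonly "nobody"). */
    int rc = jail_in_child("/chroot", 65534, 65534);
    printf("%s\n", rc == 0 ? "jailed, root dropped" : "failed: refuse to run");
    return rc;
}
```

Any failed step is treated as fatal: a process that could not drop root should exit rather than keep running inside the jail.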


