1i5t5.duncan at cox
Mar 16, 2010, 6:25 AM
Post #2 of 6
Sebastian Beßler posted on Tue, 16 Mar 2010 13:27:46 +0100 as excerpted:
Re: Secure chroot (was: Re: Wine with no-multilib on AMD64)
> That is not really a solution, because all it need to be root again is a
> simple exit. And chroot-root can break out of the chroot without
See the chroot --userspec option in its manpage...
> And you still need to be root to enter the chroot so you must always
> type in your root password to start a simple app, even if you drop root
> inside the chroot.
Not if you have sudo configured properly. Then the user uses their normal
password, or none, if sudo is set for no password verification for that
command. And since sudo is configurable per command including the passed
parameters, it's possible to specifically allow only the single command
"sudo linux32 chroot --userspec=xxx:yyy /mnt/point /bin/bash"
... and to configure it to require, or not require, entering the user
password, as desired. (FWIW, sudo can also be configured to require the
changed /to/ user's password, instead of the changed /from/ user's
password, so to require root's password here since it's root we're
changing to, to do the chroot, but that's a global setting that would
apply to all sudo usage on the system, while the require a password or not
setting is per configured allowed command or group of commands.)
> So this is nothing more than a really fragile hack, to me at least.
I won't argue that it's not a hack, but it isn't really more so, or more
fragile, IMO, than the whole multilib thing. And it does keep the 32-bit
and 64-bit sides better separated. So pick your hack. =:^)
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
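A sudoers rule of the kind Duncan describes, added here as an illustration and not taken from the original thread; the user name "alice", the uid:gid 1000:1000 and the chroot path /mnt/wine32 are placeholders:

```sudoers
# Placeholders: 'alice' is the calling user, 1000:1000 is the uid:gid she
# should have inside the chroot, /mnt/wine32 is the 32-bit chroot.

# Too broad: a command listed without arguments matches ANY arguments, so
# alice could run linux32 with whatever command she likes as root.
#   alice ALL=(root) /usr/bin/linux32

# Narrow: when arguments are listed, sudo requires the argument list to
# match exactly, so only this single invocation is allowed, and the shell
# it starts is already dropped to 1000:1000 by --userspec.
alice ALL=(root) NOPASSWD: /usr/bin/linux32 chroot --userspec=1000:1000 /mnt/wine32 /bin/bash

# Same rule, but requiring alice's own password (drop NOPASSWD):
#   alice ALL=(root) /usr/bin/linux32 chroot --userspec=1000:1000 /mnt/wine32 /bin/bash

# The global alternative from the post: ask for the target user's password
# (root here) instead of the caller's. This applies to every rule on the
# system, not just this one.
#   Defaults targetpw
```

The user must then type the command exactly as it appears in the rule, e.g. `sudo linux32 chroot --userspec=1000:1000 /mnt/wine32 /bin/bash`; any different argument is refused.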