Upload File

chroot zutao zhu 10/30/2009. outline task 1 - 4 hard link ln ab.txt cd.txt

  • Home
  • Documents
  • Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt
14
Chroot Zutao Zhu 10/30/2009

Upload: bernice-atkinson

Post on 18-Dec-2015

212 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Chroot

Zutao Zhu

10/30/2009

Page 2: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Outline

• Task 1 - 4

Page 3: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Hard Link

• ln ab.txt cd.txt

Page 4: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Symbolic Link

• ln -s ab.txt cd.txt

Page 5: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

File Descriptor

• How does file descriptor be used?– Capability!

• Use chroot() after fopen()– Then fgetc()

Page 6: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

chroot and chroot()

• Read chroot command manual page and chroot() function manual page.– http://ss64.com/bash/chroot.html– http://linux.die.net/man/2/chroot

• Think of the following behavior after chroot command and chroot() function

• http://www.kegel.com/crosstool/current/chrootshell.c

http://ss64.com/bash/chroot.html
http://linux.die.net/man/2/chroot
Page 7: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

How does su work?

• What files does su use when authenticating users?

• http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html

http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html
http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html
Page 8: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Get out with root privilege

• Get the root privilege within the jail

• Copy a shell to the jail

• Chown the shell to root

• Chmod the shell to be set-uid

• Prepare passwd and shadow files

• Run the program from outside of the jail

Page 9: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Break out of a chroot jail

• Background knowledge– Current working directory– Root directory

• Most implementations of chroot() not changing the working directory of the process to within the directory the process is now chroot()ed in.

Page 10: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Break out of a chroot jail

• Strategy– Open the current working directory – Create a temporary directory in its current working

directory – Change the root directory of the process to the

temporary directory using chroot(). – Perform chdir("..") calls many times to move the

current working directory into the real root directory. – Change the root directory of the process to the

current working directory, the real root directory, using chroot(".")

Page 11: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Kill a process

• The user inside the jail knows the pid of a process running outside of the jail

• chroot(), chdir(), kill(pid, SIGKILL)

Page 12: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Bonus question

• “Using ptrace allows you to set up system call interception and modification at the user level. “, quoted from http://www.linuxjournal.com/article/6100

• http://www.lxhp.in-berlin.de/lhpsysc0.html

Page 13: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

How to secure chroot()

• discussion

Page 14: Chroot Zutao Zhu 10/30/2009. Outline Task 1 - 4 Hard Link ln ab.txt cd.txt

Reference

• http://www.bpfh.net/simes/computing/chroot-break.html

• http://ss64.com/bash/chroot.html

• http://linux.die.net/man/2/chroot

• http://www.linuxdocs.org/HOWTOs/User-Authentication-HOWTO/x101.html


Securing Apache Web Services with CHROOT · 2018-11-25 · Securing Apache Web Services with CHROOT Motivation I have wanted to set this up for some time, but never had the occasion

National Energy Research Scientific Computing Center (NERSC) CHOS - CHROOT OS Shane Canon

unit 5 formula review sheet - Mrs. Price's Math Site - HOME€¦ ·  · 2016-01-04Log/Exponent Properties: ln(1)=0&&&&& &ln(e)=1&& ln(an)=&n*ln(a)& & ln(ab)=ln(a)+ln(b) a b b a ln

320B/320B L/LN 322B L/LN 325B L/LN 330B L/LN 345B Ldizv3061bgivy.cloudfront.net/mmc-assets/pdfs/data_sheets_320_345b... · 320B /L/LN 322B L/LN 325B L/LN 330B L/LN 345B L Cat® engine

unit 5 formula review sheetpricemathteacher.weebly.com/.../unit_5_formula_revie… ·  · 2016-01-04Log/Exponent Properties: ln(1)=0&&&&& &ln(e)=1&& ln(an)=&n*ln(a)& & ln(ab)=ln(a)+ln(b)

DIRECTIONAL DISTIBUTION 51-49% TRAFFIC VOLUME DIAGRAM€¦ · ln ln ln 12’ ln ln ln 2.50% sh ln aux ln sh sh managed lanes ln ln ln 4’ sh 14’ ln pgl 8’ g.p. lanes 2.50% 12’

ACCESSORIOS Magnum Pistolas semiautomáticas...Lincoln Electric ® Serie LN-7, LN-8, LN-9, LN-25 [Alambre de hasta .052 pulg. (1.4 mm)] K489-1 Serie LN-8, LN-9, LN-25 [Alambre de 1/16

8-6 Ticket Out Use natural logarithms to solve e –6x = 3.1. -6x = ln 3.1 Solve ln 2 + ln x = 5. ln (2x) = 5 Write 3 ln a – ½ (ln b + ln c 2 ) as a single

Zuqing Zhu

ATTENTION FISHERMEN & HUNTERS LEGEND · Green Lawn Ln. Monroe Trail Ln. Delaware Ln. Irvine Ln. Adams Trail Truman Ln. Clarence Cannon Ln. Fr azer Rd. Ha ... 556 567 543 573 344 390

COMPONENT FUNCTION & GRSYTR - Ryowo · ln-175 fc/ln-200 fc/ln-250 fc/ln-300 fc/ln-350fc/ln-400fc/ln-450 fc/ln-500 fc/ln-600 fc/ln-700 fc/ln-800 fc/ln-900 fc/ln-1000 two cells three

Advanced Impressions, Inc · S Advanced Impressions, Inc (P) 714.772.3459 (F) 714.772.2986 Custom Line 2014-2015 LN -KHP LNLN-KSH LN KMH KHO LN KHL LN -KSP LNLN-KSR LN KIR KSC LN-

NEWCOM DELBRIDGE LN. BROWN’S LN. OXFORD … · ln. thompson ln. 392 392 101 419 101 419 419 rd. rd. lantana st. ln. harding ln. s. main st. st. st. adams w. parkview pl. ln. threet

Zhu Darkpool

Using Chroot to Bring Linux applications to Android

Slide 1 Vitaly Shmatikov CS 380S UNIX Security: setuid and chroot Static Security Analysis with MOPS

Infor LN Development Tools Development Guide · LN software environment ... 202 Chapter 10 LN Reporting Overview.....205 LN Reporting Overview

Saving Your Ass(ets) with chroot

Chw00t: How to break out from various chroot solutions · Chw00t: How to break out from various chroot solutions Balázs Bucsay OSCE, OSCP, GIAC GPEN, ... • Strictly technical certificates:

Monday to Friday LN LN TW LN WM LN WM LN TW WM LN LN … · Monday to Friday LN LN TW LN WM LN WM LN TW WM LN LN WM LN LN TW LN WM London Euston .... .... .... .... .... ....

DNSSEC - WHAT IS IT ? INSTALL AND CONFIGURE IN CHROOT JAIL

APPROXIMATE DURATION 6 MONTHS N - NHSLS · amar dr s rd uck dr or hill majors ln lambskin ln cre rd old dobbin ln ck ln y shed ln sohap ln t ln ampfire ook ln blade green ln w th

Yushen Zhu

A Digital Anthology of Early Modern English Drama · ln 0022 ln 0023 ln 0024 ln 0025 img: 3a sig: A3v ln 0026 ln 0027 ln 0028 ln 0029 ln 0030 ln 0031 ln 0032 ln 0033 ln 0034 ln 0035

CHAPTER 7 INTEGRALS AND TRANSCENDENTAL …CHAPTER 7 INTEGRALS AND TRANSCENDENTAL FUNCTIONS 7.1 THE LOGARITHM DEFINED AS AN INTEGRAL 1. dx ln x ln 2 ln 3 ln 2. dx ln 3x 2 ln 2 ln 5

Using Chroot to Bring Linux Applications to Android · PDF fileUsing Chroot to Bring Linux Applications to Android ... Android Ease package management issues by ... Leverages idea

UNIX Security: setuid and chroot Static Security Analysis ...shmat/courses/cs380s_fall09/09setuid.pdfslide 1. Vitaly Shmatikov. CS 380S. UNIX Security: setuid and chroot Static Security

Docker and HTCondor - Home INFN Milanoprelz/condor-tutorial/ThainG_Docker.pdf · Ancient History: Chroot HTCondor used to chroot every job: 1. No job could touch the file system 2

Ding, Sixin - Cong Chutu Zhu Shu Zonglun 'Zhou Yi' Zhu Wenti

A Digital Anthology of Early Modern English Drama...ln 0019 img: 3a sig: A2v ln 0020 ln 0021 ln 0022 ln 0023 ln 0024 ln 0025 ln 0026 ln 0027 ln 0028 ln 0029 ln 0030 ln 0031 ln 0032

y = ln (kx) / ln (k)

 · fernstead ln & westview ter lower ln & sunset ln cindy ln & lower lower ln & smokey hill rd 719 lower ln 198 meadow 1817 orchard rd elizabeth rd & patrick dr metacomet dr & mohawk

A Digital Anthology of Early Modern English Drama · 2017-07-21 · img: 1b sig: A2r ln 0001 ln 0002 ln 0003 ln 0004 ln 0005 ln 0006 ln 0007 ln 0008 ln 0009 ln 0010 ln 0011 ln 0012

Ducted Split (60Hz, R22) - REFRICOIN · LN-0320CC/AC LN-0321CC/AC LN-0420CC/AC LN-0421CC/AC LN-04B0CC/AC LN-C0482SA0 ... • LG Ducted split unit have been rigorously life tested

A Digital Anthology of Early Modern English Drama...img: 1b sig: A1r ln 0001 ln 0002 ln 0003 ln 0004 ln 0005 ln 0006 ln 0007 ln 0008 ln 0009 ln 0010 ln 0011 ln 0012 ln 0013 ln 0014