Re: chrooted environment

hi,

Why don't you try some secure kernel patches like
grsecurity? The main exploit programs of chroot are
chdir, fchdir, ptrace, mount. So do not allow these
system calls in a chrooted environment. This is what
the grsecurity patch will do. But chroot has still got
a lot of other holes.

I wrote my own document on chroot, which tells how
chroot can be exploited. Just have a look at it.

url: www.wright.edu/~gadi.2/chroot.doc

Kernel Rakshak

--- Supriya Phadke <ssp1741@cs.tamu.edu> wrote:
> Hi,
> Suppose that a process inside a chrooted environment is trying to access a
> file. For security reasons I want to find out if the file being accessed
> is inside the chrooted directory or outside it. (There are ways by which a
> user can get out of the chroot and I basically want to prevent that).
> Is there a way to do the same?
> 
> Thanks for the help,
> Supriya Phadke
> 
> 
> --
> Kernelnewbies: Help each other learn about the Linux kernel.
> Archive:       http://mail.nl.linux.org/kernelnewbies/
> FAQ:           http://kernelnewbies.org/faq/
> 


=====

"Conquering Myselves to Conquer The World"

"Securing Kernel to Secure Whole System"
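
The containment question asked in the quoted message, as an added example that is not part of either post and is not kernel or grsecurity code: a userspace check of whether a name resolves inside a given directory once symlinks and ".." are followed. The names `path_is_inside` and `build_tree` and the tree under /tmp are constructed for the illustration.

```c
#define _XOPEN_SOURCE 700            /* realpath(), mkdtemp(), symlink() */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if `path` resolves to `root` or below it, 0 if it resolves outside,
 * -1 if either name cannot be resolved (e.g. the file does not exist). */
int path_is_inside(const char *root, const char *path)
{
    char rroot[PATH_MAX], rpath[PATH_MAX];
    size_t n;
    /* realpath() follows symlinks and collapses "..", giving canonical paths */
    if (!realpath(root, rroot) || !realpath(path, rpath)) return -1;
    n = strlen(rroot);
    if (n == 1) return 1;                 /* root is "/": nothing is outside */
    if (strncmp(rroot, rpath, n) != 0) return 0;
    /* demand a component boundary, so /jail does not match /jailbreak */
    return rpath[n] == '\0' || rpath[n] == '/';
}

/* Constructed sample tree in a fresh temp dir (which becomes the cwd):
 * jail/etc, a sibling jailbreak/, and jail/out -> ".." leading outside. */
int build_tree(void)
{
    char base[] = "/tmp/jailchk.XXXXXX";
    if (!mkdtemp(base) || chdir(base)) return -1;
    if (mkdir("jail", 0700) || mkdir("jail/etc", 0700) || mkdir("jailbreak", 0700))
        return -1;
    return symlink("..", "jail/out");
}

int main(void)
{
    const char *p[] = { "jail/etc", "jail/etc/..", "jail/../jailbreak",
                        "jail/out", "jail/missing" };
    if (build_tree()) return 1;
    for (int i = 0; i < 5; i++)
        printf("%-18s -> %d\n", p[i], path_is_inside("jail", p[i]));
    return 0;
}
```

A check like this followed by a separate open() is racy, because the name can be re-pointed between the two calls; it shows the comparison only and is not an enforcement mechanism.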



