On Tue, 17 Feb 2015 21:46:00 +0530, noyb noybee said:

> am on a VM running CentOS 6.6 with kernel version 2.6.32-504.

Which probably has kernel relocation and ASLR enabled.

> unsigned long *syscall_table = (unsigned long *)0xffffffff81600560;

So that isn't pointing at the syscall table in the running kernel.

> syscall_table[__NR_chroot] = new_chroot;

So you just trashed an essentially random location in memory.

You explained in a private email what you were trying to do here - and I'll point out that it essentially changes the kernel API in unexpected and undocumented ways. It even introduces some security holes and bugs (hint - if you close all file descriptors, what happens to programs that were expecting stdin/stdout/stderr to be open? In particular, programs that open, say, /dev/log so they have syslog output, and then chroot. Or programs that open a socket, then chroot and drop permissions (like openssh's sshd for privilege separation).)

You're really not doing yourself a favor with this whack-a-mole approach to security. You *really* need to sit down and think about what problem you're trying to solve here.
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
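The descriptor problem hinted at in the reply above, as an added user-space example that is not part of the original message or the poster's module. It assumes the modified chroot closes every descriptor and simulates that with a close loop in a forked child; `closed_fds_demo`, `LOG_LOST`, the scratch file and the use of /dev/null as a stand-in for /dev/log are illustrative choices.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define LOG_LOST 0x10 /* set when the pre-opened log fd returns EBADF */

/* Simulates, in a forked child, a chroot() that closes every descriptor.
 * Returns (fd number the data file received) | LOG_LOST, or -1 on error;
 * got receives whatever ended up in the data file. */
int closed_fds_demo(char *got, size_t len)
{
    char path[] = "/tmp/fd_demo_XXXXXX"; /* constructed scratch file */
    int tmp = mkstemp(path), status = 0;
    if (tmp < 0) return -1;
    close(tmp);
    pid_t pid = fork();
    if (pid == 0) {
        int logfd = open("/dev/null", O_WRONLY); /* stand-in for /dev/log */
        for (int fd = 0; fd < 1024; fd++)        /* assumed hook side effect */
            close(fd);
        int lost = (write(logfd, "x", 1) < 0 && errno == EBADF) ? LOG_LOST : 0;
        /* Two unrelated opens take fds 0 and 1; the data file then gets 2. */
        if (open("/dev/null", O_RDONLY) != 0 || open("/dev/null", O_RDONLY) != 1)
            _exit(0x7f);
        int data = open(path, O_WRONLY);
        const char *msg = "warning: meant for stderr\n";
        if (write(STDERR_FILENO, msg, strlen(msg)) < 0) /* hits the data file */
            _exit(0x7e);
        _exit(data | lost);
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0) { unlink(path); return -1; }
    FILE *f = fopen(path, "r");
    size_t n = f ? fread(got, 1, len - 1, f) : 0;
    got[n] = '\0';
    if (f) fclose(f);
    unlink(path);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char got[64];
    int r = closed_fds_demo(got, sizeof got);
    if (r < 0) return 1;
    printf("data file got fd %d, log fd lost: %s, file holds: %s",
           r & 0x0f, (r & LOG_LOST) ? "yes" : "no", got);
    return 0;
}
```

The log descriptor opened before the close is gone afterwards, and the next files the process opens inherit the numbers 0, 1 and 2, so a diagnostic written to stderr ends up inside an unrelated file.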