LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-18-2003, 05:54 AM   #1
JustinHoMi
Member
 
Registered: Apr 2001
Location: Raleigh, NC
Distribution: CentOS
Posts: 154

Rep: Reputation: 30
accessing /proc from within chroot environment


Hey. I've setup a process to run chroot with a very minimal "fake" filesystem. I need the program to be able to access /proc b/c it gathers some statistics on itself. I assume I could throw "mount" in the environment and then mount it manually, but is there any other way to do it so I wouldn't have to leave mount in there? I'm sure a symlink wouldn't work, but how about a hard link? According to the man page "Hard links may not normally refer to directories", so I'm not quite sure what the catch is . Anyways, any tips would be appreciated!

Thanks
Justin
 
Old 05-18-2003, 06:11 AM   #2
dorian33
Member
 
Registered: Jan 2003
Location: Poland, Warsaw
Distribution: LFS, Gentoo
Posts: 587

Rep: Reputation: 32
just mount it in chrooted env.
using hard link (possible: option -d) is a negation of chrooting idea.
 
Old 05-18-2003, 06:17 AM   #3
whansard
Senior Member
 
Registered: Dec 2002
Location: Mosquitoville
Distribution: RH 6.2, Gen2, Knoppix, 98,2000 + various
Posts: 3,171

Rep: Reputation: 51
mount --bind /proc /chrooted/proc
then
chroot /chrooted
 
Old 05-18-2003, 10:32 AM   #4
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
You should not offer a /proc within a chroot ... this is a potential attack point!
 
Old 05-18-2003, 01:29 PM   #5
JustinHoMi
Member
 
Registered: Apr 2001
Location: Raleigh, NC
Distribution: CentOS
Posts: 154

Original Poster
Rep: Reputation: 30
Ohh, haha, i didn't even think about mounting it ahead of time.

I'm aware that it is a security risk, but I really need access to /proc/<pid>/stat

I wonder if there's any way to JUST gain access to that file....
 
Old 05-18-2003, 01:49 PM   #6
fancypiper
Guru
 
Registered: Feb 2003
Location: Sparta, NC USA
Distribution: Ubuntu 10.04
Posts: 5,141

Rep: Reputation: 58
Quote:
I wonder if there's any way to JUST gain access to that file....
I don't think so. Perhaps a careful read of man mount or info mount would give a hint.

BTW, I mount /proc this way before I enter the chroot:
mount -t proc proc /<chroot-dir>/proc
 
Old 06-06-2003, 01:36 PM   #7
JustinHoMi
Member
 
Registered: Apr 2001
Location: Raleigh, NC
Distribution: CentOS
Posts: 154

Original Poster
Rep: Reputation: 30
Quote:
Originally posted by whansard
mount --bind /proc /chrooted/proc
then
chroot /chrooted

BTW, what does --bind do? I couldn't find it in the man page.
 
Old 06-06-2003, 03:48 PM   #8
whansard
Senior Member
 
Registered: Dec 2002
Location: Mosquitoville
Distribution: RH 6.2, Gen2, Knoppix, 98,2000 + various
Posts: 3,171

Rep: Reputation: 51
--bind is for mount an already mounted filesystem to
another mount point. i got it from here. i can't find
it in my man page either, but i know i've read about
it somewhere. i just can't find it.

http://www.ibiblio.org/pub/Linux/doc...istro-Dev.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
getting started in chroot environment Mystified Linux From Scratch 3 03-28-2005 09:11 AM
mount in chroot environment not possible moskito01 Suse/Novell 5 12-06-2004 04:06 PM
Apache in a chroot environment tarballedtux Linux - Software 1 04-13-2004 07:37 PM
Out of the chroot environment? R2RO Linux - Networking 0 05-14-2003 04:01 PM
Getting in and out and in again in the CHROOT environment? kRu_ZaDeR Linux From Scratch 8 01-13-2003 12:20 AM


All times are GMT -5. The time now is 12:06 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration