Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
WinSCP is making an SSH connection and is not affected by the vsftpd configuration. Consulting your (empty) vsftpd logs should confirm this. It sounds like you need to look at your sshd instead.
And it is never really proper to assume that a user cannot by some means escape from a "chroot jail." The term is really a misnomer. If you need to protect something, you need to protect it, and you need to protect it. You can't do that successfully just by trying to hide it.
And it is never really proper to assume that a user cannot by some means escape from a "chroot jail." The term is really a misnomer. If you need to protect something, you need to protect it, and you need to protect it. You can't do that successfully just by trying to hide it.
Can you show any methods for a non-root user to escape from a properly-created chroot?
You can find information like that on pen-testing and other 'security' related sites. Your question is leading toward hacking / cracking and it is frowned upon here.
But as a general answer, yes. It is completely possible to 'break out' of a jail. This is mostly by mis-configuration, or over-privileged users, or permissions problems. You should read up on proper jail set up to avoid common pitfalls, and set up monitoring and auditing on usage to detect problems before they spiral out of control.
Last edited by szboardstretcher; 04-30-2014 at 04:06 PM.
Can you show any methods for a non-root user to escape from a properly-created chroot?
Most of them involve a bug.
There are a number of commands that won't work in a jail - Things that have to access process table, things that access certain device functions. Most of the ones that don't work need access to kernel memory. If that IS provided, then a successful hack of root within the jail can break out by altering kernel memory, altering the chroot /dev table and adding a device to access the real root partition. Bugs in the device drivers can also be used to break out.
In a strict sense, one shouldn't have allowed any access outside the ftp directory. Use other means to access system remotely to access more sensitive mount points.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.