rmg@ultra.com (Rich Geiger) (12/22/89)
martin@mwtech.UUCP (Martin Weitzel) writes:
>You should *very* strongly consider, to let those unprotected guest
>logins run in a 'chroot'-ed environment.

Seems like a very good precaution!

>It requires a little bit of thinking, which commands should be
>placed into the 'chroot'-ed environment, because clearly the
>"/bin", "/usr/bin" -Directories would no longer be accessible,
>from a new root, say "/usr/guestroot".

Also, in some environments with shared libraries (for example SunOS 4.x),
you will need to include a usr/lib directory and the necessary components
(ld.so, libc.so.*) used to bind shared libraries at exec time.

--
- Rich Geiger
Disclaimer: [please refer to ANSI draft "Standard Disclaimer" Rev 3.12-B/89]
Ultra Network Technologies / 101 Daggett Drive / San Jose CA 95134
rmg@ultra.com ...!ames!ultra!rmg (408) 922-0100 [w] (408) 739-7911 [h]
mike@relgyro.stanford.edu (Mike Macgirvin) (12/23/89)
In article <1989Dec21.164033.14762@ultra.com> rmg@ultra.com (Rich Geiger) writes:
>martin@mwtech.UUCP (Martin Weitzel) writes:
>>You should *very* strongly consider, to let those unprotected guest
>>logins run in a 'chroot'-ed environment.
>Seems like a very good precaution!

Yes, it SEEMS like a very good precaution. But one must also be aware of
the pitfalls of 'chroot'. The most obvious is that only 'root' can 'chroot'.
This creates a small problem with running a shell script as the login,
because it has to be setuid root in order to perform the chroot operation.
The pitfalls of setuid scripts have been discussed at length here.

The other pitfalls of 'chroot' were mentioned by Rich, i.e. the necessity
of having all the right programs (and possibly libraries) available in the
chroot environment.

I attempted to do what the original poster asked; i.e. run a secure
anonymous login, without having to rewrite editors, pagers, etc. There were
a myriad of pitfalls. I even wrote a restricted shell to work in the chroot
environment. Eventually, the work done to secure the darn thing was more
work than writing an editor, pager, and minimal 'secure' OS to run under
Unix, i.e. a 'bbs'.

I recommend digging up a bbs program from the archives and forget about
trying to secure a shell script...

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Mike Macgirvin                  Relativity Gyroscope Experiment (GP-B) +
+ mike@relgyro.stanford.edu (36.64.0.50)                                 +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
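An added example, not code from either poster: one way around the setuid shell script Mike mentions is a small compiled wrapper, installed setuid root as the guest login program, that performs the chroot, drops root permanently and only then starts a shell. The guest uid/gid values are assumptions, as is a jail under "/usr/guestroot" that already holds /bin/sh and the shared-library pieces Rich lists.

```c
/* Added example: guest login wrapper that replaces a setuid shell script. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE                /* chroot() and setgroups() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

#define GUEST_ROOT "/usr/guestroot"    /* new root named in the thread */
#define GUEST_UID  ((uid_t)60001)      /* assumption: unprivileged guest uid */
#define GUEST_GID  ((gid_t)60001)      /* assumption: unprivileged guest gid */

/* Reject arguments that would leave the guest privileged or unjailed. */
int jail_args_ok(const char *root, uid_t uid, gid_t gid)
{
    if (root == NULL || root[0] != '/' || root[1] == '\0')
        return 0;                      /* must be absolute and not "/" itself */
    if (uid == 0 || gid == 0)
        return 0;                      /* never run the guest as root */
    return 1;
}

/* Enter the jail and drop root for good. Returns 0 on success, -1 on failure. */
int enter_jail(const char *root, uid_t uid, gid_t gid)
{
    if (!jail_args_ok(root, uid, gid))
        return -1;
    if (chdir(root) != 0 || chroot(root) != 0 || chdir("/") != 0)
        return -1;                     /* cwd must end up inside the new root */
    if (setgroups(0, NULL) != 0)       /* drop supplementary groups first */
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;                     /* gid before uid, while still root */
    if (setuid(0) == 0)
        return -1;                     /* root must not be recoverable */
    return 0;
}

int main(void)
{
    /* Fixed environment: nothing inherited from the caller (PATH, IFS, LD_*). */
    char *const envp[] = { "PATH=/bin", "HOME=/", "SHELL=/bin/sh", NULL };
    char *const argv[] = { "-sh", NULL };

    if (enter_jail(GUEST_ROOT, GUEST_UID, GUEST_GID) == 0)
        execve("/bin/sh", argv, envp); /* the sh copy inside the jail */
    perror("guest login");             /* reached only on failure */
    return 1;
}
```

Every return value is checked because a chroot that is followed by a failed privilege drop leaves the guest running as root inside the new root.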