chroot breakout (was: Xen 2.0 Virtual Machine)

Garrett Goebel garrett at scriptpro.com
Mon Nov 8 06:39:21 CST 2004 

Brian Kelsay wrote:
>jeremy at linuxwebguy.com wrote:
>> On Sat, Nov 06, 2004 at 10:26:55PM -0600, David Nicol wrote:
>> 
>>>Isn't UML the preferred way to do that?
>> 
>> 
>> Have you tried to set UML up? =)

Yes. As long as you follow the docs and use the kosher kernel builds it
isn't too painful. Time intensive, but not painful...


>> I really liked VMware, but didn't seem to be very fast.  I'm 
>> interested in trying out this Xen software.  I'd like to be able to 
>> use linux test environments without having to reboot.
>> 
>
>Have you tried to just chroot into another one?

For _a_ test environment, that's fine. But not for running multiple
simultaneous test environments, or giving away root accounts. 

http://www.bpfh.net/simes/computing/chroot-break.html 

> To break out of a chroot()ed area, a program should do the following: 
> 
> o  Create a temporary directory in its current working directory  
> o  Open the current working directory 
> 
> Note: only required if chroot() changes the calling program's working
>       directory. 
> o  Change the root directory of the process to the temporary directory
>    using chroot().  
> o  Use fchdir() with the file descriptor of the opened directory to
>    move the current working directory outside the chroot()ed area. 
> 
> Note: only required if chroot() changes the calling program's working
>       directory. 
> o  Perform chdir("..") calls many times to move the current working
>    directory into the real root directory.  
> o  Change the root directory of the process to the current working
>    directory, the real root directory, using chroot(".")  

--
Garrett Goebel
IS Development Specialist

ScriptPro                   Direct: 913.403.5261
5828 Reeds Road               Main: 913.384.1008
Mission, KS 66202              Fax: 913.384.2180
www.scriptpro.com          garrett at scriptpro dot com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kclug.org/pipermail/kclug/attachments/20041108/4faeb71d/attachment-0002.htm

More information about the Kclug mailing list