Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!tut.cis.ohio-state.edu!purdue!decwrl!shelby!helens!relgyro!mike From: mike@relgyro.stanford.edu (Mike Macgirvin) Newsgroups: comp.unix.wizards Subject: Re: Using chroot() (was:) Secure (regular) Scripts Message-ID: <396@helens.Stanford.EDU> Date: 22 Dec 89 17:59:11 GMT References: <9100020@m.cs.uiuc.edu> <562@mwtech.UUCP> <1989Dec21.164033.14762@ultra.com> Sender: news@helens.STANFORD.EDU Reply-To: mike@relgyro.STANFORD.EDU (Mike Macgirvin) Organization: Stanford Relativity Gyro Experiment (GP-B) Lines: 26 In article <1989Dec21.164033.14762@ultra.com>rmg@ultra.com(Rich Geiger) writes: >martin@mwtech.UUCP (Martin Weitzel) writes: >>You should *very* strongly consider, to let those unprotected guest >>logins run in a 'chroot'-ed environment. >Seems like a very good precaution! Yes, it SEEMS like a very good precaution. But one must also be aware of the pitfalls of 'chroot'. The most obvious is that only 'root' can 'chroot'. This creates a small problem with running a shell script as the login, because it has to be setuid root in order to perform the chroot operation. The pitfalls of setuid scripts have been discussed at length here. The other pitfalls of 'chroot' were mentioned by Rich, i.e. the necessity of having all the right programs (and possibly libraries) available in the chroot environment. I attempted to to what the original poster asked; i.e. run a secure anonymous login, without having to rewrite editors,pagers,etc. There were a myriad of pitfalls. I even wrote a restricted shell to work in the chroot environment. Eventually, the work done to secure the darn thing was more work than writing an editor,pager, and minimal 'secure' OS to run under Unix, i.e. a 'bbs'. I recommend digging up a bbs program from the archives and forget about trying to secure a shell script... ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Mike Macgirvin Relativity Gyroscope Experiment (GP-B) + + mike@relgyro.stanford.edu (36.64.0.50) + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++