This wiki is archived and useful information is being migrated to the main bzflag.org website
Editing BZFS in a chroot jail
Warning: The database has been locked for maintenance, so you will not be able to save your edits right now. You may wish to copy and paste your text into a text file and save it for later.
The administrator who locked it offered this explanation: Archived wiki
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 9: | Line 9: | ||
Before attempting to set up BZFS in a chroot jail it is best to have a little background in using the chroot command. The best place to start is reading the man page | Before attempting to set up BZFS in a chroot jail it is best to have a little background in using the chroot command. The best place to start is reading the man page | ||
man chroot | man chroot | ||
− | but the basic concept is to run a program in a directory and force it to think that it is the root (the top) of the filesystem (the ‘sandbox’ or ‘jail’), so that if the application was ever compromised, only it’s folder would be accessible to the attacker and not the entire filesystem. User root, or any program with root privileges can break out of a chroot jail. | + | but the basic concept is to run a program in a directory and force it to think that it is the root (the top) of the filesystem (the ‘sandbox’ or ‘jail’), so that if the application was ever compromised, only it’s folder would be accessible to the attacker and not the entire filesystem. User root, or any program with root privileges can break out of a chroot jail. USers should be ware that a badly configured chroot jail might even be a larger security problem then not running one. The application jk_check from http://olivier.sessink.nl/jailkit does checks to verify if your chroot jail is safe. |
Before a program can be run in a jail, the user must make sure that the program has all dependencies that it may need. This means creating a smaller copy of the root filesystem so that the program can access the files that it needs, and knows where to find them. This means that if a program requires a library in /lib, then we will need a lib directory with those libraries in our jail. (if this is confusing – hang in there, you will see an example below). | Before a program can be run in a jail, the user must make sure that the program has all dependencies that it may need. This means creating a smaller copy of the root filesystem so that the program can access the files that it needs, and knows where to find them. This means that if a program requires a library in /lib, then we will need a lib directory with those libraries in our jail. (if this is confusing – hang in there, you will see an example below). | ||
Line 134: | Line 134: | ||
== More Security == | == More Security == | ||
− | Since you have to execute chroot as root, bzfs will run as root – which is not what we want. We can force bzfs to run as nobody by changing his ownership to nobody, and setting the | + | Since you have to execute chroot as root, bzfs will run as root – which is not what we want. We can force bzfs to run as nobody by changing his ownership to nobody, and setting the sticky bit on him. This way, when root executes /chroot/bzflag/bin/bzfs – it is executed as nobody, and therefore has very little privileges on the system. |
This is how we do that: | This is how we do that: | ||
Line 216: | Line 216: | ||
[[Category:Server]] | [[Category:Server]] | ||
− | [[Category: | + | [[Category:Server_security]] |
− | + |