grsecurity forums

[marek]

Hi!
I've got some problems trying to use chroot witch acl-system
Even learning mode can't help
(I've got lines such as:

/usr/sbin/chroot ol { / h }
/var/jail/execpath/bin/bash ol { / h } # this is my jail
/bin/bash ol {/ h } # tried even this......

I still get this annoying message:

Sep 24 20:00:24 ghoul kernel: grsec: attempt to load writable library[16:07:477480] by (bash:531) UID(0) EUID(0), parent (bash:406) UID(0) EUID(0)

after executing chroot.
Without grsec all works fine.

I write this, because I want to assign limits and deny ability of creating network-sockets for a process that runs from chroot-ed jail.

Any ideas how to do it?

[spender]

do a find -inum 477480, and find what library it's trying to load. Whatever library it is, it is writable by a regular root user on the system (meaning in your ACL for /, write access is allowed to it). The user (we're assuming it's an attacker) can replace that library and get your privileged program to execute its code.

-Brad