1

Possible Duplicate:
Detecting a chroot jail from within

Detecting whether your process is executed in a chroot() environment on Linux is relatively easy: by comparing the device/inode of /proc/1/root and /. However, that requires access to stat() on /proc/1/root -- which is unfortunately privileged.

I am looking for a nice way to achieve the same thing, but without requiring privileges for that. Can anybody help me? How can my unprivileged code detect whether it is being executed in a chroot() environment?

user175104
  • Hmm. This might belong to unix.SE – Earlz Feb 22 '11 at 01:14
  • @user: We've got you locked inside a chroot inside a user-mode linux instance inside a VM. It was the only way to arrange a triple kick. – Ben Voigt Feb 22 '11 at 02:19
  • Why was this closed as "exact duplicate"? The supposed exact duplicate does not cover things for UID != 0. The folks who closed this as duplicate didn't even bother to read my question. – user175104 Feb 22 '11 at 20:43
  • This answer describes how to detect chroot without root privileges: http://stackoverflow.com/a/8070267/301717 – Jérôme Pouiller Nov 08 '16 at 15:07
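
The device/inode comparison described in the question, as an added example that is not part of the original post or its comments. It reports an "unknown" result instead of guessing when stat() on /proc/1/root is refused; the function and enum names are hypothetical.

```c
/* Added example: chroot check via /proc/1/root vs "/", safe to run unprivileged. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum root_check { ROOT_SAME, ROOT_DIFFERS, ROOT_UNKNOWN };

/*
 * Compare device and inode numbers of two paths. stat() follows symlinks,
 * so "/proc/1/root" resolves to the root directory of PID 1.
 * On failure *err receives errno and the result is ROOT_UNKNOWN.
 */
enum root_check compare_roots(const char *init_root, const char *own_root, int *err)
{
    struct stat a, b;

    *err = 0;
    if (stat(init_root, &a) != 0 || stat(own_root, &b) != 0) {
        *err = errno;
        return ROOT_UNKNOWN;
    }
    if (a.st_dev == b.st_dev && a.st_ino == b.st_ino)
        return ROOT_SAME;
    return ROOT_DIFFERS;
}

/* The check from the question. PID 1 is the init of the current PID
 * namespace, so inside a container the comparison is against that init. */
enum root_check detect_chroot(int *err)
{
    return compare_roots("/proc/1/root", "/", err);
}

int main(void)
{
    int err;

    switch (detect_chroot(&err)) {
    case ROOT_SAME:    puts("root matches PID 1: no chroot detected"); break;
    case ROOT_DIFFERS: puts("root differs from PID 1: chroot detected"); break;
    default:
        /* EACCES: caller lacks privilege; ENOENT: /proc not mounted here. */
        printf("cannot tell: %s\n", strerror(err));
    }
    return 0;
}
```

Treating the error case as a third state keeps a caller from reading "permission denied" as "not chrooted".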

1 Answer

4

If you found one, you should report it as a bug. The whole point of chroot() is to let someone make a protected environment that doesn't give away that hint without privilege.

Charlie Martin
  • Can't risk our bio-batteries realizing they're just slaves in the matrix, can we? – Ben Voigt Feb 22 '11 at 02:12
  • Clearly, the right answer is "take the blue pill". – Charlie Martin Feb 22 '11 at 05:01
  • chroot() is not really a security tool. At least not if used without anything else. You can trivially escape a chroot() by chrooting back to /../ or something similar. It just shifts around what "/" means, but that doesn't really have much to do with security. – user175104 Feb 22 '11 at 20:46