发表新帖
发表新帖

Detecting a chroot jail from within

后端 未结
关注
8 750
名媛妹妹
名媛妹妹 2020-12-24 03:02

How can one detect being in a chroot jail without root privileges? Assume a standard BSD or Linux system. The best I came up with was to look at the inode value for \"/\"

8条回答
  • 北荒
    北荒 (楼主)
    2020-12-24 03:30

    On BSD systems (check with uname -a), proc should always be present. Check if the dev/inode pair of /proc/1/exe (use stat on that path, it won't follow the symlink by text but by the underlying hook) matches /sbin/init.

    Checking the root for inode #2 is also a good one.

    On most other systems, a root user can find out much faster by attempting the fchdir root-breaking trick. If it goes anywhere you are in a chroot jail.

    0 讨论(0)
 看不清?
提交回复
热议问题