Page 1 of 3 123 LastLast
Results 1 to 10 of 24

Thread: CHROOT, home jailed and stuff

  1. #1
    Junior Member
    Join Date
    Jun 2005
    Posts
    20

    CHROOT, home jailed and stuff

    Hi
    I have to create a shell account on RedHat 9 for a guy that will compile amule on my machine. I just want him not able to wonder around on my machine.

    I read this tutorial (http://www.antionline.com/showthread...hreadid=250875) but having compilation rights could get "free out of jail" (see h**p://www.bpfh.net/simes/computing/chroot-break.html)

    So now I am stuck and no more ideas... Can you help?

    Thanks

  2. #2
    Senior Member
    Join Date
    Mar 2004
    Posts
    119
    Instead of going to all that trouble, why dont you just use Red Hat Package Manager and install it.


    http://dag.wieers.com/packages/amule/

  3. #3
    Junior Member
    Join Date
    Sep 2005
    Posts
    17
    something similar to what Net2Infinity said.
    if you think the guy will try to hack your system or something, why dont you compile amule yourself for him. when you dont trust a person and think he could break out of a chrooted jail, hell....dont give him an account.

  4. #4
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Originally posted here by webDEViL
    something similar to what Net2Infinity said.
    if you think the guy will try to hack your system or something, why dont you compile amule yourself for him. when you dont trust a person and think he could break out of a chrooted jail, hell....dont give him an account.
    I completely agree!
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  5. #5
    Junior Member
    Join Date
    Jun 2005
    Posts
    20
    Do I have to understand that NOBODY has a solution for a secure shell acount?
    Please stick to my question. Avoiding it and giving alternative solutions doesn't help me. Let's take the bull by the horns...

  6. #6
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716
    You trust him right? Just give him a normal account,
    and change the password when he's finished.
    What's he gonna do, elevate his priveliges, get root,
    install a rootkit and brag about it on irc?

    If he does something harmful, you format and reinstall.
    It's a rare individual that can escape the restrictions
    of a normal account, much less a chroot jail.
    I came in to the world with nothing. I still have most of it.

  7. #7
    Senior Member
    Join Date
    Mar 2004
    Posts
    119
    Originally posted here by masster
    Do I have to understand that NOBODY has a solution for a secure shell acount?
    Please stick to my question. Avoiding it and giving alternative solutions doesn't help me. Let's take the bull by the horns...

    If you give someone an account on your box, even in a chroot jail there are no guarantees. That being said if he installs the app in the chroot jail, what good is it going to do you? You specifically asked about installing a particular software so doing it yourself seemed like a good option. Obviously you want to give the individual an account for different purposes.

  8. #8
    Junior Member
    Join Date
    Jun 2005
    Posts
    20
    Originally posted by rcgreen
    What's he gonna do, elevate his priveliges, get root, install a rootkit and brag about it on irc?
    Please enlighten me (in detail, command by command) HOW is he gonna deploy such catastrophic scenario.

    Originally posted by Net2Infinity
    If you give someone an account on your box, even in a chroot jail there are no guarantees.
    OK then, starting from here, are there ANY OTHER solutions for my problem?

    Originally posted by Net2Infinity
    That being said if he installs the app in the chroot jail, what good is it going to do you?
    He doesn't install ANYTHING. He just compiles latest amule version to RPM binaries for RH9. So that I install them and have amule working on my machine.

    Originally posted by Net2Infinity
    You specifically asked about installing a particular software so doing it yourself seemed like a good option.
    Not when you get into some undocumented compilation errors that even amule forum couldn't solve...

    Originally posted by Net2Infinity
    Obviously you want to give the individual an account for different purposes.
    Dude, you must be God if you know better than me what I'm thinking... I suggest you don't jump so easy to conclusions.

  9. #9
    Senior Member
    Join Date
    Mar 2004
    Posts
    119
    Okay if you wanted to install amule I sent you the link for the amule as an rpm package. It doesnt get any easier than that as it is already precomplied for red hat 9. Why would you want to go to the trouble of chrooting an account for a friend to complile it for you when it is already an rpm?

  10. #10
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Do I have to understand that NOBODY has a solution for a secure shell acount?
    The answer is simple.................go write your own Linux distro, then you can incorporate whatever security measures you like

    Please stick to my question. Avoiding it and giving alternative solutions doesn't help me.
    If they work, they should. I absolutely despise people coming to me with problems and then having the arrogance to tell me how to solve them. If they are that bloody clever, why don't they go figure it for themselves?

    Let's take the bull by the horns
    I think that we just have? ..................... additionally, do you think that is a good idea to let someone you apparently don't trust, do development work on what is obviously your live production system? ..................... how can you be sure exactly what they put on there?

    In the real World we develop in a test/development environment then migrate the final result to the live, production one. If you do not have that luxury, then move anything sensitive off the machine and reinstall it afterwards.

    You should also consider basic human psychology............. if you create an atmosphere of mistrust you will simply be challenging the person to outwit you, and may well create a situation that would otherwise not have arisen.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •