jailkit-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Jailkit-dev] [bug #46930] Be more relax on jail group ownership


From: anonymous
Subject: [Jailkit-dev] [bug #46930] Be more relax on jail group ownership
Date: Mon, 18 Jan 2016 18:15:26 +0000
User-agent: Mozilla/5.0 (X11; OpenBSD amd64; rv:42.0) Gecko/20100101 Firefox/42.0

URL:
  <http://savannah.nongnu.org/bugs/?46930>

                 Summary: Be more relax on jail group ownership
                 Project: Jailkit
            Submitted by: None
            Submitted on: Mon 18 Jan 2016 06:15:25 PM UTC
                Category: None
                Severity: 3 - Normal
              Item Group: None
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any

    _______________________________________________________

Details:

Hi,

IMO we could be more relaxed on grp owner on jail dir. See how it is done in
openssh chroot code:

                if (st.st_uid != 0 || (st.st_mode & 022) != 0)
                        fatal("bad ownership or modes for chroot "
                            "directory %s\"%s\"", 
                            cp == NULL ? "" : "component ", component);

Thus we could check jk_lib.py to something like this:
                                                                              
                   
                if (statbuf[stat.ST_UID] != 0 or os.stat(path).st_mode & 022
!= 0):
                        sys.stderr.write('ERROR: '+path+' is not owned by root
or wrong group ownership!\n')
                        return -3

j.




    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?46930>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/




reply via email to

[Prev in Thread] Current Thread [Next in Thread]