Register
It is currently Sun Sep 14, 2014 8:00 pm

what about jailshell?


All times are UTC - 6 hours


Post new topic Reply to topic  [ 9 posts ] 
Author Message
 PostPosted: Mon Jun 09, 2008 1:59 pm   
User avatar

Joined: Sun Apr 13, 2008 4:05 am
Posts: 37
Location: /dev/random
i saw jailshell on few hosting servers, got too much restriction on it. But i cant find even its homepage? anybody knows something about jailshell ? where can i reach sources?


Top
 Profile  
 PostPosted: Thu Jun 19, 2008 12:56 am   
Site Admin
User avatar

Joined: Sun May 15, 2005 9:36 pm
Posts: 667
Location: Des Moines, Iowa
I believe jailshell is a "cpanel" thing...... not something you can just download.
You might also look into this: http://olivier.sessink.nl/jailkit/howto ... shell.html


Top
 Profile WWW  
 PostPosted: Thu Jun 19, 2008 5:21 am   
Moderator
User avatar

Joined: Thu Oct 11, 2007 7:12 am
Posts: 229
Location: London - UK
please note that chroot is not a security tool, by that I mean that it's easy to break out of.

i also could not find jailshell either :(


Top
 Profile  
 PostPosted: Fri Jun 20, 2008 11:37 am   
User avatar

Joined: Sun Apr 13, 2008 4:05 am
Posts: 37
Location: /dev/random
thanks for replies. i searched it, cos i really hated it.


Top
 Profile  
 PostPosted: Fri Jun 20, 2008 1:09 pm   

Joined: Wed Feb 20, 2008 4:44 pm
Posts: 4
Location: /dev/null
DarthWavy wrote:
please note that chroot is not a security tool, by that I mean that it's easy to break out of. :(



I am just curious how a chroot is not a security tool? A properly configured chroot would not be easy to break out of, and I am open, and would love to hear how it could be done so I could be corrected. I run my personal services in chroots and have never had an issue with it at all, I prefer to run chroots. Just like any other service if not properly maintained yes it could be exploited, but this is not chroot specific this applies to any service.


Top
 Profile  
 PostPosted: Mon Jun 23, 2008 8:08 am   
Moderator
User avatar

Joined: Thu Oct 11, 2007 7:12 am
Posts: 229
Location: London - UK
http://kerneltrap.org/Linux/Abusing_chroot
http://www.bpfh.net/simes/computing/chroot-break.html

In many circumstances chroot will improve security however a knowledgeable cracker will easily bypass it once root access is obtained. I believe that the latest version running on BSD is more secure.

There are many places that detail that chroot is not for security however they're buried in the mass of articles saying how it improves security of that particular organisation's application. Probably because they cannot be arsed to fix their security issues themselves lol.

As I understand it the tool was never designed to be a security tool so therefore it isn't. It would not surprise me if that is not changed soon due to the number of people using it as such.

Alan Cox, a major person in the Linux world, made the following comment...

"chroot is not and never has been a security tool. People have built things based upon the properties of chroot but extended (BSD jails, Linux vserver) but they are quite different."

It is likely that correct use of SE Linux would give much better security.


Top
 Profile  
 PostPosted: Mon Jun 23, 2008 7:14 pm   
Site Admin
User avatar

Joined: Sun May 15, 2005 9:36 pm
Posts: 667
Location: Des Moines, Iowa
Quote:
a knowledgeable cracker will easily bypass it once root access is obtained.


duh........ roflmao :lol: :lol: :lol: :lol: :lol:

perhaps even an "un-knowledgeable" one might as well :)

----------- I would always want too assume that no one but myself has "root" access, because once they have root, they have compromised the server beyond any hope of me trusting it again.


Top
 Profile WWW  
 PostPosted: Tue Jun 24, 2008 3:11 am   
Moderator
User avatar

Joined: Thu Oct 11, 2007 7:12 am
Posts: 229
Location: London - UK
root access is not required, it just makes it very easy :)


Top
 Profile  
 PostPosted: Wed Jun 25, 2008 9:11 am   

Joined: Wed Feb 20, 2008 4:44 pm
Posts: 4
Location: /dev/null
hmm, well then I guess I will just admit to being humbled, I knew chroots could be broken out of, but I really did not think it was a walk in the park, given that it was setup correctly, and maintained.


Top
 Profile  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 9 posts ] 

All times are UTC - 6 hours


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


BashScripts | Promote Your Page Too
Powered by phpBB © 2011 phpBB Group
© 2003 - 2011 USA LINUX USERS GROUP