tripsvur.blogg.se

Wireshark ubuntu non root user

Comments on pehrs's answer that it may be possible with the introduction of namespaces, but this hasn't been tested and posted as an answer. Yes, that does indeed make it possible for a non-root user to use chroot.

Given a statically-linked dash, and a statically-linked busybox, and a running bash shell running as non-root:

    $ mkdir root
    $ unshare -r bash -c 'chroot root /dash -c "/busybox ls -al /"'
    drwxr-xr-x 1 0 0 1905240 Dec 2 19:15 busybox

The root user ID in that namespace is mapped to the non-root user ID outside of that namespace, and vice versa, which is why the system shows files owned by the current user as owned by user ID 0. A regular ls -al root, without unshare, does show them as owned by the current user.

Note: it's well-known that processes that are capable of using chroot, are capable of breaking out of a chroot. Since unshare -r would grant chroot permissions to an ordinary user, it would be a security risk if that was allowed inside a chroot environment. Indeed, it is not allowed, and fails with:

    unshare: unshare failed: Operation not permitted

Which matches the unshare(2) documentation:

    CLONE_NEWUSER was specified in flags and the caller is in a chroot environment (i.e., the caller's root directory does not match the root directory of the mount namespace in which it resides).

It seems that with user-namespaces it is in fact possible to chroot without root. Here is an example program which demonstrates that it is possible. I have only begun to explore how linux namespaces work and so I'm not entirely sure if this code is best practice or not.

    printf("Before unshare, uid=%d, gid=%d\n", uid, gid);
    // First, unshare the user namespace and assume admin capability in the
    printf("Failed to unshare user namespace\n");
    sprintf(file_path_buf, "/proc/%d/uid_map", pid);
    printf("Failed to open %s for write %s\n", file_path_buf, errno,
    printf("Writing : %s (fd=%d)\n", file_path_buf, fd);
    err = dprintf(fd, "%d %d 1\n", uid, uid);
    printf("Failed to write contents : %s\n", errno,
    sprintf(file_path_buf, "/proc/%d/setgroups", pid);
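The sequence the posts above describe (unshare the user namespace, write the ID maps under /proc, then chroot), written out as an added example; it is not the poster's program. The function names and outcome codes are this example's own, the identity mapping follows the `"%d %d 1\n", uid, uid` line on the page, and the work runs in a forked child so the caller keeps its namespace and root. Linux only.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000 /* same value as in <linux/sched.h> */
#endif

/* Outcome codes; the names are this example's own, not from the page. */
enum { CHROOT_OK, UNSHARE_DENIED, MAP_FAILED, CHROOT_FAILED, CHILD_DIED };
/* Write one short string to a /proc file: 0 on success, -1 on any error. */
static int write_proc(const char *path, const char *text) {
    int fd = open(path, O_WRONLY);
    if (fd < 0)
        return -1;
    int n = dprintf(fd, "%s", text);
    close(fd);
    return n < 0 ? -1 : 0;
}

/* Child side: new user namespace, identity ID maps, then chroot(dir). */
static int child_steps(const char *dir, unsigned uid, unsigned gid) {
    char map[64];
    if (syscall(SYS_unshare, CLONE_NEWUSER) != 0)
        return UNSHARE_DENIED; /* e.g. EPERM inside a chroot, as the page notes */
    snprintf(map, sizeof map, "%u %u 1\n", uid, uid);
    if (write_proc("/proc/self/uid_map", map) != 0)
        return MAP_FAILED;
    /* setgroups must be "deny" before an unprivileged gid_map write. */
    snprintf(map, sizeof map, "%u %u 1\n", gid, gid);
    if (write_proc("/proc/self/setgroups", "deny") != 0 ||
        write_proc("/proc/self/gid_map", map) != 0)
        return MAP_FAILED;
    return (chroot(dir) == 0 && chdir("/") == 0) ? CHROOT_OK : CHROOT_FAILED;
}

/* Fork so the caller's own namespace and root directory stay untouched. */
int try_userns_chroot(const char *dir) {
    int status;
    pid_t pid = fork();
    if (pid == 0)
        _exit(child_steps(dir, (unsigned)getuid(), (unsigned)getgid()));
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return CHILD_DIED;
    return WEXITSTATUS(status);
}
int main(int argc, char **argv) {
    return try_userns_chroot(argc > 1 ? argv[1] : "/"); /* exit status = outcome */
}
```

An exit status of 1 (UNSHARE_DENIED) is the refusal quoted above from unshare(2), or a host that does not allow unprivileged user namespaces.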








