List Archive: gentoo-amd64
Headers:
To: gentoo-amd64@g.o
From: Mark Knecht <markknecht@...>
Subject: Re: Re: chrooted environment not available to users
Date: Tue, 13 Dec 2005 16:11:51 -0800
On 12/13/05, Duncan <1i5t5.duncan@...> wrote:
> Mark Knecht posted
> <5bdc1c8b0512131503n3c3cfcb4p9e7f3e6780dedf8d@...>, excerpted
> below,  on Tue, 13 Dec 2005 15:03:49 -0800:
>
> > 1) Everything seems to work fine so far as root. I have Firefox, Java,
> > Flash and mplayer all working nicely. I can browse the web pages I
> > need to and play the wmv video training files and do the exercises
> > just fine.
>
> Waitaminute...  You are browsing the web as root?  That's NOT a good
> idea, particularly with all sorts of plugins (meaning all sorts of
> opportunities for vulnerabilities) set up.  In extreme situations, I
> /might/ browse as root using links or lynx in text-mode only, preferably
> without even scripting turned on, but even then, I feel like I'm leaving
> myself open to more than I want.  It may be a chroot environment, but that
> doesn't mean it's impossible to break out of, and browsing as root, unless
> it's ONLY to local stuff you've written yourself (or documentation that
> you trust doesn't contain deliberate exploits), is NOT a good idea!
>
> As for home, you could mount --bind it as well, if desired, then create
> a stub user in the chroot to use for browsing the web or whatever.  I'd
> certainly create the stub user, regardless of whether I bind-mounted /home
> into the chroot or not.
>
> --
> Duncan

Duncan,
   Hi. I completely agree with your issues above. Unfortunately there
are times, such as this one where we paid $thousands to take an
in-depth investing class and we needed immediate computer capabilities
or we'd have to bring Windows back up. That wasn't acceptable.

   Generally speaking, for the last few days, the only place I've been
browsing is this one site where we're getting trained, as well as
using GMail. I have a reasonable expectation that both of these sites
are honest and would not knowingly do anything wrong. That doesn't
mean there couldn't be a problem, but sometimes you have to take short
term risks in order to move forward at an acceptable pace.

   The plan was ALWAYS to be able to use the chrooted environment as a
user, not root. I am now trying to get the user level stuff set up but
there seem to be a number of issues around running in a chrooted
environment that are stumping me. I cannot run updatedb to get
slocate working. I guess this is related to why df doesn't work also.
I cannot emerge vi yet so management is slow. I need to create the
user accounts and I need to have the environment not interfere so much
with the AMD64 partition setup.

   One thing I'm working on right now is a setup that would allow me
to dual boot into the athlon-xp environment for testing purposes. I
run a real-time development kernel from Ingo Molnar for my audio work.
So far I cannot make it work as well as my older Athlon-xp machines so
I'm going to boot into the chroot with its own kernel to see if this
is a 64-bit issue. But that's for later.

   Question - Could /home be a separate partition that's visible
(somehow) to both environments?

   Again, you are a great resource. Thanks for your inputs. They are
always helpful.

Cheers,
Mark
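
The bind-mounted /home plus stub user arrangement suggested in the quoted reply, as an added example that is not part of the original thread: the function only prints the commands root would run on the host, and refuses a root stub account. The chroot path, user name and uid are assumptions supplied by the caller; the uid should match the account that owns the files under the host's /home, since ownership on a bind mount is compared by number, not by name.

```sh
#!/bin/sh
# Added example, not from the thread. The chroot path, user name and uid
# passed in are the caller's assumptions; nothing here is executed, the
# function only prints the commands root would run on the host.

# is_mounted TARGET MOUNTS_FILE: succeed if TARGET is listed as a mount
# point (field 2) in a /proc/mounts-style file.
is_mounted() {
    awk -v t="$1" '$2 == t { found = 1 } END { exit !found }' "$2" 2>/dev/null
}

# plan_stub_user CHROOT USER UID [MOUNTS_FILE]
plan_stub_user() {
    root=${1%/}; user=$2; uid=$3; mounts=${4:-/proc/mounts}
    case $uid in
        ''|*[!0-9]*) echo "uid must be numeric" >&2; return 2 ;;
    esac
    # The point of the stub account is to stop browsing as root.
    if [ "$uid" -eq 0 ] || [ "$user" = root ]; then
        echo "refusing: the stub user must not be root" >&2
        return 1
    fi
    # Bind /home into the chroot only if it is not already mounted there.
    is_mounted "$root/home" "$mounts" || echo "mount --bind /home $root/home"
    # -M: do not create a home directory, it arrives via the bind mount.
    # -u: same numeric uid as on the host so file ownership lines up.
    echo "chroot $root useradd -M -u $uid $user"
    # Enter the chroot and drop to the stub user with a login environment.
    echo "chroot $root su - $user"
}
```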

Updated Jun 17, 2009