Gentoo Archives: gentoo-security

From: Panagiotis Atmatzidis <p.atmatzidis@×××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] Running untrusted software
Date: Sat, 21 Jan 2006 20:54:01
In Reply to: Re: [gentoo-security] Running untrusted software by Oliver Schad

On 1/18/06, Oliver Schad <o.schad@×××.de> wrote:
> > Am Mittwoch, 18. Januar 2006 15:58 schrieb mir Douglas Breault Jr: > > I am being forced to run software on my computer that I do not > > inherently trust. It is supposed to collect a few pieces of > > information, mainly my mac addresses and use the network. It is a > > one-time use CSA (client security agent). It uses a csh script to > > unpack a "proprietary binary" that we cannot see the source. There is > > no assurance it doesn't collect other information or change anything > > on my computer. > > If you don't trust this software don't use it in trusted environment > which includes trusted system and trusted network. > > > I was curious as to what is the best way to handle this and > > situations like these. In this instance, I was assuming downloading, > > and running on a LiveCD would seem like the best policy. > > Is your host in a trusted network? > > > What if it > > uses methods to discover that and I need to run it on my real > > installation? Is a chroot jail the next best thing? > > From a chroot environment you can easily escape on a standard kernel. > Grsec offers a real chroot jail.
Can you explain further please? How can an intruder bypass a chrooted enviroment *easilly*?
> As far as I know, > > to make a chroot jail I merely copy programs and libraries inside a > > folder with the proper / hierarchy and chroot into it. Is it more > > complex than this and are there any guides? > > # esearch jail > > Best Regards > Oli > > -- > gentoo-security@g.o mailing list > >
-- Panagiotis