[ale] Chrooting a user logged in over telnet

Ted W ted at techmachine.net
Tue Aug 21 14:12:00 EDT 2012


On Aug 20, 2012, at 6:09 PM, Scott Plante <splante at insightsys.com> wrote:
> Note it's actually spelled with caps: MAKEDEV. It is available in the OpenSuSE repository and is installed by default on my CentOS 6.2 and RHEL 5.2 boxes. 
> 
> 
> I don't know much about it, but if it really isn't available on your distro, and you don't want to include every /dev/* device in your /chroot/dev with your mount/bind solution, you might take a look at mknod. It's been a long time since I've had to use it, but I believe you can just use mknod to create the specific device files that you need in /chroot/dev/ (which you'd create yourself). You just need the type (block/character), and major/minor numbers, which you can get from ls -l /dev.
> 
> 
> Sorry if this is wrong or outdated, but as I said, it's been a long time. It might be an avenue to explore, though. 
> 
> 
> Scott


MAKEDEV is not available, or so it would appear, under Slackware 13.37 (the system I'm working with). I do have mknod and used it to create /dev/null and /dev/zero in the chroot environment. I was not sure how to use it to create /dev/pts and /dev/tty, which it appears were the missing devices(?).

Bind mounting /dev was just to get the thing working. Now that I've seen this working I will try bind mounting only the necessary devices for telnet to work properly. Thanks for the heads up about the insecurity of mount /dev (I'm not well read on block devices and the like).
-- 
Ted W. < Ted at Techmachine.net >
Registered GNU/Linux user #413569
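
Added example (not part of the original messages): a dry-run shell helper for the mknod approach discussed in this thread. It reads each host device's type and major/minor numbers with GNU stat (assumed available) and prints the matching mknod command for /chroot/dev without creating anything; the function names are hypothetical. Anything that is not a device node, such as the /dev/pts directory (a devpts mount point), is reported as skipped instead of being given a mknod line.

```shell
#!/bin/sh
# Added example, not code from the thread. Dry run only: prints mknod
# commands so they can be reviewed before being run as root.
# Assumes GNU coreutils stat (-c with %F, %t, %T, %a).

# mknod_cmd_for HOST_DEVICE TARGET_DEV_DIR
# Prints one mknod command line, or returns 1 if HOST_DEVICE is not a
# character or block device node.
mknod_cmd_for() {
    src=$1
    dest_dir=$2
    # %F = file type, %t/%T = major/minor in hex, %a = octal permissions
    info=$(stat -c '%F|%t|%T|%a' "$src" 2>/dev/null) || {
        echo "skip $src: cannot stat" >&2
        return 1
    }
    ftype=${info%%|*}; rest=${info#*|}
    maj=${rest%%|*};   rest=${rest#*|}
    min=${rest%%|*};   mode=${rest#*|}
    case $ftype in
        'character special file') kind=c ;;
        'block special file')     kind=b ;;
        *)  # directories (such as /dev/pts) and symlinks end up here
            echo "skip $src: not a device node ($ftype)" >&2
            return 1 ;;
    esac
    # stat reports hex; mknod takes decimal major/minor numbers
    printf 'mknod -m %s %s/%s %s %d %d\n' \
        "$mode" "$dest_dir" "${src##*/}" "$kind" "$((0x$maj))" "$((0x$min))"
}

# plan_chroot_dev TARGET_DEV_DIR HOST_DEVICE...
# Prints the commands for every listed device that is a real node.
plan_chroot_dev() {
    dest_dir=$1
    shift
    for dev in "$@"; do
        mknod_cmd_for "$dev" "$dest_dir" || true
    done
}

# Example invocation (path from the thread):
#   sh plan.sh /chroot/dev /dev/null /dev/zero /dev/tty /dev/pts
if [ "$#" -ge 2 ]; then
    plan_chroot_dev "$@"
fi
```

Review the printed lines, then run them as root after creating the target directory.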






