Dear Perlmonks:

My linux apache web server was recently hacked, so I have become more security conscious. Amazing what a little hack will do to one...

I was thinking that it would be a good idea to jail each perl cgi program that I am running to the file system hierarchy that it needs to read/write into. my perl cgi program would first load all the necessary external modules, then do a 

chroot("/var/www/user1/"); chdir("/");

[download]
Even if my perl script later does something truly stupid and a web user can gain control of my perl cgi program, the damage will be limited to stuff in /var/www/user1/. Because apache runs cgi and fcgi program not as root, breaking out of such a jail will be difficult.

alas, this has the obvious issue that the chroot() call itself requires super user privileges. I am a little confused by this--why is this security restriction there to begin with? before the chroot, I already have access to everything that I have access to after the chroot. I am whittling down what I can do, not expanding it.

can I make a non-setuid program capable of executing the chroot() call? I also tried 

system("/usr/sbin/chroot","/var/www/user1")

[download]
does not work even if I setuid /usr/sbin/chroot, because the system call wants access to "/bin/bash". I am not sure why---I thought this version would exec the chroot directly.

I would think it would be a bad idea to change my perl cgi scripts themselves to be setuid root, so that I can chroot from inside perl. I know I can drop the setuid privileges later, but the whole idea is to protect myself from stupidity afterwards. giving my cgi programs root privileges is something I would rather avoid.

advice appreciated.

/iaw

In reply to chroot() security in cgi script? by iaw4

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.