Date: Wed, 23 Jan 2002 01:12:22 +1100 (EST)
From: Tristan Alexander McLeay
Subject: [gopher] Re: Security issues in Gopher?
To: gopher@complete.org

Put simply, it puts you into gaol. If you typed, say,

    $ chroot /home/anstouh

all you could do is access the programs below /home/anstouh. You can't write an event to a logfile, you can't run 'ls' (unless 'ls' happens to be somewhere in /home/anstouh, of course).

If the only files in /var/gopher are owned by anstouh, read/writable by owner, readable by group and world, and you run a chrooted gopher as user nobody, there's not much someone can do if they manage to convince gopher to do anything other than serve up files and directories.

Tristan.

--- Robert Hahn wrote:
> > > pretty sound to me (ie: user 'nobody' can't really do a whole lot of
> > > damage) so I'm wondering what it would take for me to run gopherd as
> > > nobody - and better still, why people are running it as root.
> >
> > You can not only run gopherd as nobody (see -u) but you can also run
> > it chroot, which is more than you get with Apache even.
>
> Interesting. I manned chroot last night, which gave me a clear answer as to
> what and how, but, as is typical with all man pages, lacks a 'why'. :P
>
> So, can you explain what the significance of chroot* is and how it increases
> security? Especially as it compares to running a server either as 'nobody'
> or (horrors) root?
>
> * I don't know what your manpage says, but mine says that chroot simply
> changes the location of the root home folder.
>
> Or... point me to a resource that would do as well?
>
> thx,
> -rh
>
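
The combination discussed in this message (chroot into the served directory, then run as nobody) written out in C as an added example; it is not gopherd's code and was not posted to the list. The function name enter_jail, the negative step codes and the 65534 uid/gid for "nobody" are assumptions for illustration.

```c
#define _DEFAULT_SOURCE 1
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Confine the calling process to `jail` and drop root for good.
 * Returns 0 on success, or a negative step number identifying what failed.
 * Must be called as root: chroot(2) and the set*id calls need privilege. */
int enter_jail(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;  /* refuse: the target identity must be unprivileged */
    if (chroot(jail) != 0)
        return -2;  /* not root, or the jail directory does not exist */
    if (chdir("/") != 0)
        return -3;  /* a cwd left outside the jail would be a way out */
    if (setgroups(0, NULL) != 0)
        return -4;  /* shed supplementary groups inherited from root */
    if (setgid(gid) != 0)
        return -5;  /* group first: after setuid we could not change it */
    if (setuid(uid) != 0)
        return -6;
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -7;  /* root is still reachable: the drop did not stick */
    return 0;
}

int main(int argc, char **argv)
{
    /* Constructed defaults: the directory named in the message and 65534,
     * the uid/gid commonly given to "nobody" (check your own system). */
    const char *jail = argc > 1 ? argv[1] : "/var/gopher";
    int rc = enter_jail(jail, 65534, 65534);
    if (rc != 0) {
        fprintf(stderr, "enter_jail(%s) failed at step %d\n", jail, -rc);
        return 1;
    }
    /* From here "/" is the jail and the process is nobody: a server would
     * open its listening socket before this point and serve files after. */
    puts("jailed as nobody");
    return 0;
}
```

A process that stays root after chroot can leave the jail again, which is why the uid drop follows the chroot and is then checked by trying to regain root.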