I am using OpenSSH chrootdirectory feature to give access to a user via ssh.
Can this user exit the jail and return to the normal OS environment? Maybe with su?
Asked
Active
Viewed 2,941 times
3
Gilles 'SO- stop being evil'
- 829,060
Yash
- 133
2 Answers
2
No it cannot, it would give them an error. That's the whole point of chroot. They'll be only locked up in a location without being able to go out that location. But if you want tias.
VaTo
- 3,101
2
If the user does not have root access (or any way to gain it, such as exploiting an insecure setuid program), escaping a chroot jail should be impossible.
With root access, escaping a chroot jail is trivial. In fact, the chroot(2) manpage even gives instructions:
This call does not change the current working directory, so that after the call '.' can be outside the tree rooted at '/'. In particular, the superuser can escape from a "chroot jail" by doing:
mkdir foo; chroot foo; cd ..
derobert
- 109,670