Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 6 Jun 2013 15:31:25 +0200
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: oss-security <oss-security@...ts.openwall.com>
Subject: Re: chroots & uid sharing

Alright that one-liner killed kittens. Sorry. Here we go:

frisell zx2c4 # cat find-bad-chroots.py
#!/usr/bin/env python2

import os

chroots = { }

for pid in os.listdir("/proc/"):
        if not pid.isdigit():
                continue
        try:
                uid = os.stat("/proc/" + pid).st_uid
                root = os.readlink("/proc/" + pid + "/root")
        except:
                continue
        if uid not in chroots:
                chroots[uid] = [root]
        elif root not in chroots[uid]:
                chroots[uid].append(root)

for uid in chroots:
        if len(chroots[uid]) > 1:
                print "UID: %d" % uid
                for root in chroots[uid]:
                        print "\t%s" % root

frisell zx2c4 # ./find-bad-chroots.py
UID: 25
        /var/empty
        /

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.