Announcement

Collapse
No announcement yet.

Microsoft Security Researcher Proposes Unprivileged Chroot For Linux

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Volta
    replied
    kylew77

    It seems you forgot about LXC.

    Leave a comment:


  • kylew77
    replied
    OpenBSD has ran processes inside chroot for years in the name of security and FreeBSD developed chroot jails to simplify the process and webservers are routinely ran inside jails on that platform. Nothing to see here other than Linux catching up to the *BSDs for once instead of the other way around as is often the case.

    Leave a comment:


  • sandy8925
    replied
    Originally posted by tildearrow View Post
    Every thread with "Microsoft" on it:

    *looks at comments*

    ​​*EEE-related comment*
    I'm willing to die on the "Microsoft will abuse their Secureboot power" hill.

    Leave a comment:


  • ed31337
    replied
    If this patch successfully adds the functionality without opening up new vulnerabilities, I might actually have to admit that Microsoft did something useful for me in Linux. But the pessimist in me says that this is likely going to open up new privilege escalation problems, so will either be rejected outright or end up being a black eye later.

    Leave a comment:


  • jacob
    replied
    Thtlat seems sensible and useful.

    Leave a comment:


  • macemoneta
    replied
    Originally posted by sindr View Post

    PRoot relies on ptrace which has negative performance implications to say the least.
    Sure, but only when root operations are intercepted. The rest of the time, performance isn't impacted.

    Leave a comment:


  • skeevy420
    replied
    I apologize ahead of time for this

    Originally posted by latalante View Post
    I have been using chroot since 2013 as an unprivileged user.
    https://github.com/sabotage-linux/sa...42ace4c02244a6 bb005e069d037b
    I know times have been tough lately, COVID is rampant, money is hard to come by, the good people on both sides, but I've had the best people, the best, working on a new unprivileged chroot solution. It chroots 17x faster than any other existing chroot implementation and it takes care of all the White Privilege in the process. I call it The Super Duper Chroot. It's the BEST unprivileged chroot method and nothing comes close. The Russians won't know what happened when they try to mess with our systems and get trapped inside the Super Duper Chroot full of Fake News.

    Leave a comment:


  • latalante
    replied
    I have been using chroot since 2013 as an unprivileged user.
    https://github.com/sabotage-linux/sa...42ace4c02244a6 bb005e069d037b

    Leave a comment:


  • sindr
    replied
    Originally posted by macemoneta View Post
    How would this be different from proot?
    https://proot-me.github.io/
    PRoot relies on ptrace which has negative performance implications to say the least.

    Leave a comment:


  • CTTY
    replied
    Originally posted by macemoneta View Post
    How would this be different from proot?
    https://proot-me.github.io/
    Isnt proot using the mount namespace? If so, the difference is explained in the quote in the article.

    Leave a comment:

Working...
X