Talk:PRoot

From ArchWiki

Are /proc, /sys, and /dev accessible inside a proot?

No paths from the actual rootfs are accessible in the guest rootfs, unless they are explicitly bound (cf. the -b, -R, and -S options).

Is privilege escalation possible?

PRoot relies on ptrace, an unprivileged feature not known to be a privilege escalation vector. Moreover, the Linux kernel does not allow a ptraced process to gain privileges, even when it is legit (like with setuid binaries):
   $ proot ping localhost
   ping: icmp open socket: Operation not permitted
   $ proot -0 ping localhost
   ping: icmp open socket: Operation not permitted
However, it is possible to escape from a proot-ed environment, for instance by killing proot explicitly:
   host-shell$ proot -R ubuntu-core-14.04-core-amd64 bash
   guest-shell$ xeyes &
   [1] 32284
   guest-shell$ grep Tracer /proc/self/status
   TracerPid:	32278
   guest-shell$ kill -9 32278
   Killed
In this example, the "xeyes" process is still alive and not managed (i.e. isolated) by proot anymore. This could be easily fixed, but proot does not aim to be used for security purposes.
I hope this helps. Regards,
Cedric-vincent (talk) 19:37, 16 July 2014 (UTC)
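
The TracerPid check from the transcript above can be turned into an audit that reports guest processes proot no longer supervises. This is an added example, not part of the original reply or of PRoot itself; the function names, the PROC_ROOT override and PID 32290 are assumptions made for illustration, and the status files are constructed.

```shell
#!/bin/sh
# Added example: report processes that are no longer ptrace-supervised by proot.
# PROC_ROOT is an override (assumption) so the logic can run on constructed data.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print the TracerPid field of PID $1; fail if the process is gone.
tracer_pid() {
    sfile="$PROC_ROOT/$1/status"
    [ -r "$sfile" ] || return 1
    tp=$(sed -n 's/^TracerPid:[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$sfile")
    [ -n "$tp" ] || return 1
    printf '%s\n' "$tp"
}

# Classify PID $1 against the proot PID $2 that is expected to trace it.
supervision_state() {
    tp=$(tracer_pid "$1") || { echo gone; return 0; }
    if [ "$tp" -eq 0 ]; then
        echo untraced            # no tracer attached (it exited or detached)
    elif [ "$tp" -ne "$2" ]; then
        echo foreign-tracer      # traced, but not by the expected proot
    else
        echo supervised
    fi
}

# Usage: unsupervised PROOT_PID GUEST_PID...
# Prints "PID STATE" for every live guest PID that proot no longer controls.
unsupervised() {
    expected=$1; shift
    for pid in "$@"; do
        state=$(supervision_state "$pid" "$expected")
        case $state in
            untraced|foreign-tracer) printf '%s %s\n' "$pid" "$state" ;;
        esac
    done
}

# Constructed sample: a fake /proc tree reusing the PIDs from the transcript.
demo() {
    saved=$PROC_ROOT; PROC_ROOT=$(mktemp -d)
    mkdir "$PROC_ROOT/32284" "$PROC_ROOT/32290"
    printf 'Name:\txeyes\nTracerPid:\t0\n' > "$PROC_ROOT/32284/status"
    printf 'Name:\tbash\nTracerPid:\t32278\n' > "$PROC_ROOT/32290/status"
    unsupervised 32278 32284 32290 32299     # prints: 32284 untraced
    rm -rf "$PROC_ROOT"; PROC_ROOT=$saved
}
demo
```

On a real host, leave PROC_ROOT unset and pass the proot PID followed by the guest PIDs recorded at launch.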