Comments on tech & sp: Introducing ujail & proof of concept
Updated: 2023-09-20T17:56:42.131+02:00

Anonymous (https://www.blogger.com/profile/10693058812548733549), 2009-12-09T11:19:42.152+01:00:

@Aaron:

LD_PRELOAD can be worked around using code that directly invokes syscalls, so this is a bad solution.

@LucaBigliardi:

I didn't know those two yet, thanks for letting me know. KMView requires a kernel modification, so this is a lot different from ujail (which runs in userspace entirely and does not require you to modify your kernel in any way). UMView looks a lot more like ujail, but seems to do a bit more. I would like to keep ujail as simple and lightweight as possible.

Anonymous (https://www.blogger.com/profile/10620062518734854454), 2009-12-09T01:19:49.963+01:00:

Hi,
do you know ViewOS and KMView?
http://wiki.virtualsquare.org/index.php/KMview
http://wiki.virtualsquare.org/index.php/Main_Page#User.27s_documentation

Anonymous (https://www.blogger.com/profile/07442405710426045060), 2009-12-08T20:51:23.143+01:00:

Cool! This approach could be very useful, particularly on systems lacking KVM support for which UML appears to be the most efficient option. (The only other lightweight tool along those general lines I've encountered is http://fakechroot.alioth.debian.org/ , which relies on an LD_PRELOAD hack and as such cannot provide a proper sandbox; in particular, statically linked binaries necessarily slip through the cracks.)

Anonymous (https://www.blogger.com/profile/10693058812548733549), 2009-12-08T10:50:13.149+01:00:

@anonymous commenter:

Thanks for your input, I have just uploaded a second proof of concept that only modifies the state (=EIP). This seems to work too and should obviously be a lot faster.

Anonymous, 2009-12-07T23:16:08.293+01:00:

Have you looked at utrace yet? It might make this a lot easier.

Also, why patch the process rather than just modifying its state and trapping into the kernel?

Anonymous (https://www.blogger.com/profile/10693058812548733549), 2009-12-07T20:24:28.157+01:00:

I haven't checked whether FreeBSD supports something like PTRACE_SYSEMU, which is required for this method to work. Anyways, it's unlikely that I'll relicense the proof of concept and the actual code is yet to be written.

Anonymous, 2009-12-07T19:15:24.727+01:00:

If this also works on BSD systems, it would be nice if you could license it under a BSD license, like the one used by FreeBSD. And ptrace() appears to be available on BSD systems.