While trying to prevent potentially flawed SSL libraries from causing much harm to my whole server, I've used a proxy process to handle it, chrooted to a non-writable empty directory and running with a special UID. But this still allows it to ptrace() other proxy processes handling other connections and cause damage with them. Are there any reasonable ways to prevent this? Are there any other problems than ptrace with it?

Best I can think of now is to use a different UID for each process, but I don't really like it. This can't be done in the default configuration and there's no easy way to keep track of allocated UID ranges, especially if more programs started to use this method.

grsecurity seems to disallow ptrace()ing processes outside its chroot, but even that wouldn't help me unless I created a separate chroot directory for each process. Well, maybe that would be useful as an option.
This archive was generated by hypermail 2b30 : Tue Dec 31 2002 - 08:02:56 PST