Atik Bayraktar Atik Bayraktar - 1 month ago 13
C Question

Escaping from chroot()

I'm working on a webserver in UNIX environment with C language. Currently, I have done jailing the process but now I cannot use syslog and logging to a file option and that's basically due to the changed root path.

New root path for the program is it's directory. I could not escape from it to real root "/" in order to use these functions and go back to jail root path again.

Are there any other alternatives or solutions to this?

Answer

The whole point of using chroot() is to make the real root inaccessible, so easy formula: If you can break it, you don't need it.

So, you should make syslog accessible from within your chroot environment instead. How? Just openlog() prior to chroot(). After that, you can syslog() even though you wouldn't be able to openlog() it anymore.