PERL Beginners - trying to chroot perl and its modules

Author

trying to chroot perl and its modules

John

2004-12-18, 3:55 pm

copied the /usr/bin/perl to the /chroot/usr/bin/perl

and the /usr/lib/perl5 to the /chroot/usr/lib/perl5

now when i try to run a perl script for example

#!/usr/bin/perl

use MIME::Lite;

$msg = MIME::Lite->new(
Type =>'text/html',
From =>'me@host.com',
To =>'you@host.com',
Subject =>"Hello",
Data => qq { Hello }
);

$msg->send('smtp', 'host.com');

with the command

/usr/sbin/chroot /chroot/ /usr/bin/perl /mail.pl

i receive the error

Failed to connect to mail server: No such file or directory
at /mail.pl line 19 ($msg->send('smtp', 'host.com')

This script works well outside the chroot area.

What is wrong with that?

Jonathan Paton

2004-12-18, 3:55 pm

> with the command
>
> /usr/sbin/chroot /chroot/ /usr/bin/perl /mail.pl
>
> i receive the error
>
> Failed to connect to mail server: No such file or directory
> at /mail.pl line 19 ($msg->send('smtp', 'host.com')
>
> This script works well outside the chroot area.

Problem is either a misunderstanding or oversight.

If you use chroot then you change what the program percieves
as the root directory. So /mail.pl in the chroot enviroment
would be /chroot/mail.pl outside. mail.pl is in a directory no
longer accessable once you are in the chroot jail.

chroot should never be an excuse for running untrusted or
poor quality software. It is simply another layer of security,
which usually restricts damage if the code is exploited.

Jonathan Paton

--
#!perl
$J=' 'x25 ;for (qq< 1+10 9+14 5-10 50-9 7+13 2-18 6+13
17+6 02+1 2-10 00+4 00+8 3-13 3+12 01-5 2-10 01+1 03+4
00+4 00+8 1-21 01+1 00+5 01-7 >=~/ \S\S \S\S /gx) {m/(
\d+) (.+) /x,, vec$ J,$p +=$2 ,8,= $c+= +$1} warn $J,,

John

2004-12-18, 3:55 pm

----- Original Message -----
From: "Jonathan Paton" <jepaton@gmail.com>
To: "John" <isofroni@cc.uoi.gr>; "Perl Beginners" <beginners@perl.org>
Sent: Saturday, December 18, 2004 6:54 PM
Subject: Re: trying to chroot perl and its modules

>
> Problem is either a misunderstanding or oversight.
>
> If you use chroot then you change what the program percieves
> as the root directory. So /mail.pl in the chroot enviroment
> would be /chroot/mail.pl outside. mail.pl is in a directory no
> longer accessable once you are in the chroot jail.
>
> chroot should never be an excuse for running untrusted or
> poor quality software. It is simply another layer of security,
> which usually restricts damage if the code is exploited.
>
> Jonathan Paton
>
> --
> #!perl
> $J=' 'x25 ;for (qq< 1+10 9+14 5-10 50-9 7+13 2-18 6+13
> 17+6 02+1 2-10 00+4 00+8 3-13 3+12 01-5 2-10 01+1 03+4
> 00+4 00+8 1-21 01+1 00+5 01-7 >=~/ \S\S \S\S /gx) {m/(
> \d+) (.+) /x,, vec$ J,$p +=$2 ,8,= $c+= +$1} warn $J,,
>

Well, i am trying to figure out what i have forgotten to copy into the
chroot jail.
Why should my experiment not work? I cannot see any reason of not working.

Jonathan Paton

2004-12-18, 8:55 pm

> Well, i am trying to figure out what i have forgotten to copy into
> the chroot jail. Why should my experiment not work? I cannot
> see any reason of not working.

My mistake, reading again I find your script is called "mail.pl".

The problem is disguised by Mime::Lite, as the actual file is not
mentioned. If you have enough experience then you could hunt
through the Mime::Lite source code to narrow down the problem.

I had a p

at the sources, but I feel it could take me 30 - 90 minutes
to find the problem. A guess is that one of the modules used
relies on a temporary directory. Debugging this would be too much
like work, maybe someone else would be interested. Sorry.

Jonathan Paton

--
#!perl
$J=' 'x25 ;for (qq< 1+10 9+14 5-10 50-9 7+13 2-18 6+13
17+6 02+1 2-10 00+4 00+8 3-13 3+12 01-5 2-10 01+1 03+4
00+4 00+8 1-21 01+1 00+5 01-7 >=~/ \S\S \S\S /gx) {m/(
\d+) (.+) /x,, vec$ J,$p +=$2 ,8,= $c+= +$1} warn $J,,

John

2004-12-18, 8:55 pm

----- Original Message -----
From: "Jonathan Paton" <jepaton@gmail.com>
To: "John" <isofroni@cc.uoi.gr>; "Perl Beginners" <beginners@perl.org>
Sent: Saturday, December 18, 2004 9:31 PM
Subject: Re: trying to chroot perl and its modules

>
> My mistake, reading again I find your script is called "mail.pl".
>
> The problem is disguised by Mime::Lite, as the actual file is not
> mentioned. If you have enough experience then you could hunt
> through the Mime::Lite source code to narrow down the problem.
>
> I had a p

at the sources, but I feel it could take me 30 - 90 minutes
> to find the problem. A guess is that one of the modules used
> relies on a temporary directory. Debugging this would be too much
> like work, maybe someone else would be interested. Sorry.
>
> Jonathan Paton
>
> --
> #!perl
> $J=' 'x25 ;for (qq< 1+10 9+14 5-10 50-9 7+13 2-18 6+13
> 17+6 02+1 2-10 00+4 00+8 3-13 3+12 01-5 2-10 01+1 03+4
> 00+4 00+8 1-21 01+1 00+5 01-7 >=~/ \S\S \S\S /gx) {m/(
> \d+) (.+) /x,, vec$ J,$p +=$2 ,8,= $c+= +$1} warn $J,,
>

Well ,my chroot jail involves the /tmp dir.

John

2004-12-20, 3:56 pm

----- Original Message -----
From: "John" <isofroni@cc.uoi.gr>
To: "Perl Beginners" <beginners@perl.org>
Sent: Saturday, December 18, 2004 6:22 PM
Subject: trying to chroot perl and its modules

copied the /usr/bin/perl to the /chroot/usr/bin/perl

and the /usr/lib/perl5 to the /chroot/usr/lib/perl5

now when i try to run a perl script for example

#!/usr/bin/perl

use MIME::Lite;

$msg = MIME::Lite->new(
Type =>'text/html',
From =>'me@host.com',
To =>'you@host.com',
Subject =>"Hello",
Data => qq { Hello }
);

$msg->send('smtp', 'host.com');

with the command

/usr/sbin/chroot /chroot/ /usr/bin/perl /mail.pl

i receive the error

Failed to connect to mail server: No such file or directory
at /mail.pl line 19 ($msg->send('smtp', 'host.com')

This script works well outside the chroot area.

What is wrong with that?

Any ideas?

John

2004-12-20, 3:56 pm

Sponsored Links