jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] How to jail Opera or Firefox...?

From: Hubert Havel
Subject: Re: [Jailkit-users] How to jail Opera or Firefox...?
Date: Thu, 31 Aug 2006 19:22:56 +0000 

Hi Olivier,
Kinternet is a KDE GUI for managing your internet connection. It detects WiFi networks 
and let you choose which WiFi access point to connect to.
I finally got it working. The key is to know that KInternet uses the dbus unix domain sockets to communicate with other internet applications. It was just a matter of just 
mount -o bind the dbus socket into the corresponding chrooted directory.
My strategy was basically to run applications that requires root permissions outside chroot and use mount -o bind to connect them into the chroot directories where non-root applications run. This is similar using sockets for syslog. The question I have is this: By using sockets to connect applications outside and inside the chroot directory, wouldn't this be somewhat risky since compromised applications running inside chroot can 
perhaps spread to outside of the chroot environment through the sockets?

regards, Hubert.







From: Olivier Sessink <address@hidden>
Reply-To: address@hidden
To: address@hidden
Subject: Re: [Jailkit-users] How to jail Opera or Firefox...?
Date: Wed, 30 Aug 2006 08:22:25 +0200

Hubert Havel wrote:
> Hi Olivier,
>
> The /etc/resolv.conf is there. The problem is that somehow the chrooted
> Opera cannot
> see the internet connection.
[..]
> I know that the chrooted kinternet was able to connect to the internet
> because the Opera running
> OUTSIDE of chroot works when the chrooted kinterent is turned-on.
[..]

I have no knowledge what kinternet does. Can you explain what it is?

What kind of internet connection do you have? what does ifconfig show?

if you put telnet into the chroot jail, or ping, do they function?

> Just how did you get your Opera or Firefox to connect to the internet
> from inside the chrooted
> environment? I am desperate :-).

I just copied the jk_init 'netbasics' into the jail, and that was enough
to open internet connections. But I have ethernet to my adsl router, so
I do not need to start any program to get it up and running..

regards,
        Olivier


_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users


_________________________________________________________________
Get the new Windows Live Messenger! http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline
reply via email to
[Prev in Thread] Current Thread [Next in Thread]