DeepSec Video: Chw00t: How To Break Out from Various Chroot Solutions
Information security borrows a lot of tools from the analogue world. Keys, locks, bars, doors, walls, or simply jails (to use a combination). Most operating systems support isolation of applications in various levels. You may call it change root (or chroot) or even jails environment. The containment is not perfect, but it helps to separate applications and to have a better control of the access to resources. Breaking out of chroots is possible, and there are various ways to do this. So preparing a tight configuration is the key. At DeepSec 2015 Balazs Bucsay held a presentation about how to create a reasonably “secure” chroot environment or how to breakout from a misconfigured one.
If you a considering to use chroots/jails as a way to build compartments, make sure you know what you are doing. The same is true for virtualisation technology, by the way.