UserCHRoot 0.1

UserCHRoot project can switch root, change directory, drop privileges and exec.

When dealing with chroot environments, it's sometimes useful to have a tool with which the chroot will be done, but the target executable will not be run using root privileges.

It is also sometimes useful to switch the current working directory for the target executable just before it starts. userchroot is a small program intended to be run as suid (u+s root) in these cases. It tries to be as careful as possible in order not to run the target executable as root user.

It does not support arbitrary user specification, but instead will drop back to normal user privileges of the calling user (undoing what suid-bit has done basically). If dropping root privilege fails (or actually resetting the effective credentials to the normal ones), the target executable will not be executed.

userchroot has been tested on Linux, implemented using C and licensed under GNU General Public License (v2). The tool is provided without a warranty of any kind, in the understanding that software bugs do exist and bad things can happen.

Building and installing

Using suid bits with programs that you randomly download off the Internet is not a good security practice. Because of this reason, building and installing the software is not automated at all (no autotools, no Makefile).

In order to build you will only need regular gcc and the standard C library headers. You will probably need to run chmod, chown and cp in order to install the program usefully.

The vagueness of this section is intentional.

USAGE: new-root new-cwd exec-name [exec-params]

Product's homepage