Jail experiment

Author: csev

chroot/make_jail.sh

@@ -8,15 +8,22 @@ cp hello.c jail
 
 cd jail
 
-./simple-chroot.sh install busybox bash sh vim gcc as ld ls which rm find
+./simple-chroot.sh install bash vim gcc as ld ls which rm find sh
 
-mkdir usr/libexec 
-cp -r /usr/libexec/* usr/libexec
+mkdir tmp
+chmod 1777 tmp
+mkdir var
+mkdir var/tmp
+chmod 1777 var/tmp
+
+mkdir usr/lib/gcc/
+mkdir usr/lib/gcc/x86_64-linux-gnu
+cp -r /usr/lib/gcc/x86_64-linux-gnu/* usr/lib/gcc/x86_64-linux-gnu
+cp -r /usr/lib/x86_64-linux-gnu/* usr/lib/x86_64-linux-gnu
 
 mkdir usr/include
+mkdir usr/include/x86_64-linux-gnu
+cp -r /usr/include/x86_64-linux-gnu/* usr/include/x86_64-linux-gnu
 cp -r /usr/include/* usr/include
-
-cp -r /usr/lib/* usr/lib
-
-cp -r /lib/* lib
+cp -r /lib/x86_64-linux-gnu/* lib/x86_64-linux-gnu/
 

docker/apache/compile.php

@@ -44,6 +44,7 @@
     'PATH' => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
 );
 
+// $command = 'chroot /var/www/html/jail; mkdir '.$folder.'; gcc -ansi -x c -o a.out -';
 $command = 'gcc -ansi -x c -o a.out -';
 $process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);
 
@@ -69,6 +70,7 @@
 
 if ( $retval->compile_status === 0 ) {
 
+$command = 'chroot /var/www/html/jail; cd '.$folder.'; ./a.out -';
 $command = './a.out';
 $process = proc_open($command, $descriptorspec, $pipes, $cwd, $env);
 
@@ -91,6 +93,7 @@
     $retval->run_status = proc_close($process);
 
 }
+}
 
 header("Content-type: application/json; charset=utf-8");
 echo(json_encode($retval, JSON_PRETTY_PRINT));