Artificial truth

The more you see, the less you believe.

[archives] [latest] | [homepage] | [atom/rss]

Sending emails with php inside a chroot
Fri 07 October 2016 — download

For websec.fr, we're running each level into a harneded chroot, under a different user, likely because we trust the players as much as we trust php. Our last level, level19 may send some emails, but unfortunately, with our setup, this is non-trivial, because the mail function of php is directly using the sendmail binary.

So I thought about compiling it statically.

  • But since sendmail is bloated (and painful to compile), I gave a try to mini_sendmail, which had a broken makefile.
  • But it's using gethostbyname, so it can't be compiled in a static way, because this function is implemented in glibc's NSS wrapper, so I went with musl instead.
  • But since we didn't want to host our own smtp server, we're using a free mail provider, than only accept opportunistic TLS, and musl doesn't provide enough crypto for that. So we implemented a smtp client in pure PHP.
  • But since PHP is, well, PHP, it failed to switch to crypto inside the chroot.

The solution is simply to type mknod dev/random c 1 8 (and not urandom, because apparently there are still people that don't get the difference), to provide a source of entropy inside the chroot. It doesn't make much sense, since php should already have access to a PRNG, even inside a chroot.

You can now use stream_socket_enable_crypto inside your chroot (and send STARTTLS powered emails)!

(many thanks to nurfed for wasting time with me helping me.)