[Testing] Chroot escape test coverage gaps - missing pivot_root, mount, unshare, SYS_ADMIN tests

[Mossaka]

Summary

The chroot escape integration tests (tests/integration/chroot-edge-cases.test.ts) only test two escape vectors: re-chroot and iptables manipulation. Several other container/chroot escape primitives are not tested, leaving uncertainty about whether the security controls actually prevent these attacks.

Current Coverage

Tested:

• chroot / /bin/true fails (CAP_SYS_CHROOT dropped) - line 189
• iptables -L fails (CAP_NET_ADMIN dropped) - line 175
• User runs as non-root (uid != 0) - line 343

NOT Tested:

Escape Vector	Protection	Test Status
pivot_root	Blocked in seccomp profile	Untested
mount -t tmpfs tmpfs /tmp/test	Should fail after cap drop	Untested
unshare --mount / nsenter	Should fail without CAP_SYS_ADMIN	Untested
umount / umount2	Blocked in seccomp profile	Untested
mount of arbitrary filesystem	Allowed in seccomp (needed for procfs)	Untested
CAP_SYS_ADMIN post-drop	Needed for setup, should be dropped after	Untested
Setuid binary escalation	no-new-privileges seccomp option	Untested

Why This Matters

• The seccomp profile (containers/agent/seccomp-profile.json) uses SCMP_ACT_ALLOW as default action, only blocking specific syscalls. This is a deny-list approach that could miss new escape vectors.
• mount is explicitly ALLOWED in seccomp (needed for procfs in chroot mode), but after capability drop, mount should still fail. No test verifies this.
• CAP_SYS_ADMIN is granted during container setup (for mounting procfs) and should be dropped after. No test verifies the drop.
• With chroot becoming the only mode (PR refactor: remove --enable-chroot flag, make chroot mode always-on #714), these tests become even more critical.

Proposed Tests

test('should block pivot_root syscall', async () => {
  // pivot_root is blocked in seccomp, verify it returns EPERM
});

test('should block mount after capability drop', async () => {
  // mount is allowed in seccomp but CAP_SYS_ADMIN should be dropped
  // verify: mount -t tmpfs tmpfs /tmp/test → fails
});

test('should block unshare namespace creation', async () => {
  // verify: unshare --mount /bin/true → fails
});

test('should block umount/umount2', async () => {
  // umount is blocked in seccomp, verify it returns EPERM
});

test('should prevent setuid privilege escalation', async () => {
  // no-new-privileges should prevent setuid binaries from gaining caps
});

Test File

tests/integration/chroot-edge-cases.test.ts

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot agent.

The Copilot agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

AI generated by Issue Monster