SCP-PJIN-009-J

SCP logo.svg
SCP-PJIN
This article is part of SCP-PJIN, an unofficial "SCP" (Secure, Contain, Protect) series similar to the official SCP Wiki. Because the SCPs in SCP-PJIN pertain to highly niche topics, they are unsuitable for inclusion in the main SCP wiki; nevertheless, it still shares many similarities with official SCPs. See SCP-PJIN for more information.
SCP-PJIN-009-J.png

Item #: SCP-PJIN-009-J

Object Class: Euclid

Special Containment Procedures

The Foundation is investigating whether SCP-PJIN-009-J could be used as a "portal" to view temporary files in "Docker" containers, in a way that would otherwise be inaccessible from the normal root filesystem.

A new system call, openat2, with a RESOLVE_NO_M████LINKS flag has been introduced into recent (5.6+) versions of the Linux kernel, which should protect programs against SCP-PJIN-009-J without affecting any other symbolic links.

Description

SCP-PJIN-009-J is a symbolic link (symlink) located at /proc/████/root on the Linux filesystem. SCP-PJIN-009-J usually appears as a normal symbolic link that points to "/", or the root directory of the filesystem. However, viewing this symlink with ls reveals a different filesystem view than the actual root filesystem. For example, some files may be missing, there may be extra files, especially in directories that are normally short-lived (such as /run or /tmp).

In addition, in one attempt to access SCP-PJIN-009-J, a completely different filesystem layout was seen. For example, normally, one would expect to see "/bin", "/boot", etc. in the root filesystem. However, the root filesystem as viewed through SCP-PJIN-009-J did not have any of those directories, instead only seeing "/proc", "/stuff", and [DATA EXPUNGED].

SCP-PJIN-009-J also differs from a normal symbolic link in that attempts to access it from a process whose effective user ID is anything other than 0 or ███ result in a "Permission denied" error. In addition, all attempts to bind mount SCP-PJIN-009-J to another part of the filesystem, even as root, have failed.

SCP-PJIN-009-J was discovered by D-████, when he was experimenting with the "Docker" container software. Testing revealed that this "Docker" software used system calls like un█████ and set██, which resulted in SCP-PJIN-009-J's anomalous behavior.

SCP-PJIN-009-J-1

SCP-PJIN-009-J-1 is the /proc/████/fd/█ symbolic link on the Linux filesystem.

Spoiler warning

« SCP-PJIN-008-J | SCP-PJIN-009-J | SCP-PJIN-010-J »