Re: /etc/passwd, etc ownership
> I'm thinking that a solution of simply adding a sysctl variable that
> enables or disables chrooting from within a chrooted directory would give
> the most bang for the buck. Should simply involve checking if fd_rdir is
> NULL and, if not, refusing to chroot; 1 line change, plus the overhead to
> make it configurable. You do have to then prevent people from changing
> that sysctl variable in a chrooted environment...
>
> This change alone does not make it secure for someone to have root inside
> a chrooted environment, but it is a first step at making it a little bit
> harder to break out.
>
This does make sense to me.
-Guido
Received on Sat Mar 1 05:40:35 1997
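
The check proposed in the quoted text, as an added user-space model in C (not code from this thread or from any kernel). Only `fd_rdir` comes from the message; the struct layout, the knob `chroot_allow_nested` and all function names are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
/* User-space model, not kernel source. Only fd_rdir is named in the thread;
 * the structs, the knob and the function names are hypothetical. */
struct vnode { int id; };
struct proc { int is_root; struct vnode *fd_rdir; }; /* NULL: not chrooted */
static int chroot_allow_nested = 1;   /* hypothetical sysctl knob */

/* chroot() with the proposed check: refuse when already chrooted. */
int model_chroot(struct proc *p, struct vnode *newroot)
{
    if (!p->is_root || (!chroot_allow_nested && p->fd_rdir != NULL))
        return EPERM;
    p->fd_rdir = newroot;
    return 0;
}

/* Knob write: a chrooted process must not be able to flip it back. */
int model_sysctl_set(struct proc *p, int value)
{
    if (!p->is_root || p->fd_rdir != NULL)
        return EPERM;
    chroot_allow_nested = (value != 0);
    return 0;
}

/* Root sets the knob, enters a chroot, then tries to chroot again. */
int nested_chroot_result(int allow_nested)
{
    struct vnode jail = {1}, inner = {2};
    struct proc p = {1, NULL};
    if (model_sysctl_set(&p, allow_nested) != 0 || model_chroot(&p, &jail) != 0)
        return -1;
    return model_chroot(&p, &inner);
}

/* Root already inside a chroot tries to re-enable nesting. */
int sysctl_from_chroot_result(void)
{
    struct vnode jail = {1};
    struct proc p = {1, &jail};
    return model_sysctl_set(&p, 1);
}

int main(void)
{
    printf("%d %d %d\n", nested_chroot_result(1), nested_chroot_result(0), sysctl_from_chroot_result());
    return 0;
}
```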
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:41:02 EDT