Return to BSD News archive
Received: by minnie.vk1xwt.ampr.org with NNTP
id AA5713 ; Fri, 01 Jan 93 01:53:28 EST
Xref: sserve comp.unix.bsd:9458 comp.unix.wizards:28099 alt.security:7247
Newsgroups: comp.unix.bsd,comp.unix.wizards,alt.security
Path: sserve!manuel.anu.edu.au!munnari.oz.au!uunet!paladin.american.edu!howland.reston.ans.net!zaphod.mps.ohio-state.edu!cs.utexas.edu!convex!convex!tchrist
From: Tom Christiansen <tchrist@convex.COM>
Subject: Re: WEIRD IDEA? (chroot) Some corrections.
Originator: tchrist@pixel.convex.com
Sender: usenet@news.eng.convex.com (news access account)
Message-ID: <1992Dec29.203231.21943@news.eng.convex.com>
Date: Tue, 29 Dec 1992 20:32:31 GMT
Reply-To: tchrist@convex.COM (Tom Christiansen)
References: <1992Dec26.191816.26596@prime.mdata.fi> <1992Dec28.214412.29732@prime.mdata.fi>
Nntp-Posting-Host: pixel.convex.com
Organization: Convex Computer Corporation, Colorado Springs, CO
Keywords: chroot, shadow login, pirates BBS
X-Disclaimer: This message was written by a user at CONVEX Computer
Corp. The opinions expressed are those of the user and
not necessarily those of CONVEX.
Lines: 15
Chroot may not be so wondrous as you may think.
If your interloper should manage to crack root inside of the chroot box,
you can still be in for big problems. A kmem or a disk device inode
inside the box is as valid as one outside, allowing someone to peek
anywhere in the kernel or disk or even poke himself out of the box!
Remember also that privileged sockets have no concept of chroot, so
anyone could be impersonated going over the net.
--tom
--
Tom Christiansen tchrist@convex.com convex!tchrist
"We don't care. We don't have to. We're the Phone Company."