Mark Crispin wrote:
> Last but not least, I am very interested in Kris Kennaway's claim that "It may
> also be possible to break out of the chroot jail on some platforms." If true,
> it represents a huge root-level security hole on those platforms. I simply do
> not believe the claim. I would like to know if there is some substance to
> this claim, or if it was mere speculation.
If you can get root privilegies inside the jail then breaking out is a
trivial matter on most systems.
On some systems you might be able to break out without root privilegies
if there is a filehandle open to outside the jail. Especially so if
there is a filedescriptor to a directory.
--
Henrik Nordstrom
