Bill Moran wrote: > You also describe a scenerio where a user can create a jail of his own > design and give himself root inside it, thus allowing him to use the > setuid trick to get root on the host as well. The place this falls down > is that the user would need to already have root to create the jail in the > first place.
Not necessarily. An unprivileged user can create hard links to binaries he doesn't own, including suid binaries. Colin Percival _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
