Ouch, Nick - you're right.
http://www.bpfh.net/simes/computing/chroot-break.html
..makes for painful reading. I assume that the only way to
prevent this is to stop root access to any VSes?
Thanks,
Ben Kennish
[EMAIL PROTECTED]
Nick Burrett wrote:
>
> Marcos Rubinstein ALPA WWW <[EMAIL PROTECTED]> writes:
>
> > Sorry to change the subject... but my question now is:
> >
> > lets asume that root is compromised in a vs by the admin...
> >
> > the most obvious problem would be that then the skel could be compromised
> > (any modification to a file that is a hard link of the skel would modify
> > the skel and those files in other VS's)...
> >
> > Also, perhaps, that unscrupolous admin could change his
> > quota. (/etc/vsd/quota)...
> >
> > but, could s/he compromise (have access) to any other vs or the
> > "host" server?
>
> using Google, try entering "breaking a chroot jail". It's bad news.
>
> Nick.
