Ben Kennish <[EMAIL PROTECTED]> writes:
> Ouch, Nick - you're right.
>
> http://www.bpfh.net/simes/computing/chroot-break.html
>
> ..makes for painful reading. I assume that the only way to
> prevent this is to stop root access to any VSes?
Almost impossible. But there are Linux kernel hacks around that the chroot
problem.
Nick.
>
>
> Nick Burrett wrote:
> >
> > Marcos Rubinstein ALPA WWW <[EMAIL PROTECTED]> writes:
> >
> > > Sorry to change the subject... but my question now is:
> > >
> > > lets asume that root is compromised in a vs by the admin...
> > >
> > > the most obvious problem would be that then the skel could be compromised
> > > (any modification to a file that is a hard link of the skel would modify
> > > the skel and those files in other VS's)...
> > >
> > > Also, perhaps, that unscrupolous admin could change his
> > > quota. (/etc/vsd/quota)...
> > >
> > > but, could s/he compromise (have access) to any other vs or the
> > > "host" server?
> >
> > using Google, try entering "breaking a chroot jail". It's bad news.
> >
> > Nick.
