Nick,
am [09 May 2001 12:08:50 +0100] schrieb Nick Burrett <[EMAIL PROTECTED]> :
> Ben Kennish <[EMAIL PROTECTED]> writes:
>
> > Ouch, Nick - you're right.
> >
> > http://www.bpfh.net/simes/computing/chroot-break.html
> >
> > ..makes for painful reading. I assume that the only way to
> > prevent this is to stop root access to any VSes?
>
> Almost impossible. But there are Linux kernel hacks around that the chroot
> problem.
Do you have any link?
Do you have an suggestion which suid program on the skel could be
vulnerable?
jimmy
>
>
> Nick.
>
> >
> >
> > Nick Burrett wrote:
> > >
> > > Marcos Rubinstein ALPA WWW <[EMAIL PROTECTED]> writes:
> > >
> > > > Sorry to change the subject... but my question now is:
> > > >
> > > > lets asume that root is compromised in a vs by the admin...
> > > >
> > > > the most obvious problem would be that then the skel could be compromised
> > > > (any modification to a file that is a hard link of the skel would modify
> > > > the skel and those files in other VS's)...
> > > >
> > > > Also, perhaps, that unscrupolous admin could change his
> > > > quota. (/etc/vsd/quota)...
> > > >
> > > > but, could s/he compromise (have access) to any other vs or the
> > > > "host" server?
> > >
> > > using Google, try entering "breaking a chroot jail". It's bad news.
> > >
> > > Nick.
James T. Koerting
KSD Germany
[EMAIL PROTECTED]
Murphy's Law: "Anything that can go wrong, will go wrong"
Parkinson's Law: "Work expands to exceed available time"
Koerting's Law: "Don't fight against these laws"
