On 1/18/06, Oliver Schad <[EMAIL PROTECTED]> wrote:
Am Mittwoch, 18. Januar 2006 15:58 schrieb mir Douglas Breault Jr:
> I am being forced to run software on my computer that I do not
> inherently trust. It is supposed to collect a few pieces of
> information, mainly my mac addresses and use the network. It is a
> one-time use CSA (client security agent). It uses a csh script to
> unpack a "proprietary binary" that we cannot see the source. There is
> no assurance it doesn't collect other information or change anything
> on my computer.
If you don't trust this software don't use it in trusted environment
which includes trusted system and trusted network.
> I was curious as to what is the best way to handle this and
> situations like these. In this instance, I was assuming downloading,
> and running on a LiveCD would seem like the best policy.
Is your host in a trusted network?
> What if it
> uses methods to discover that and I need to run it on my real
> installation? Is a chroot jail the next best thing?
From a chroot environment you can easily escape on a standard kernel.
Grsec offers a real chroot jail.
Can you explain further please? How can an intruder bypass a chrooted enviroment *easilly*?
> As far as I know,
> to make a chroot jail I merely copy programs and libraries inside a
> folder with the proper / hierarchy and chroot into it. Is it more
> complex than this and are there any guides?
# esearch jail
Best Regards
Oli
--
[email protected] mailing list
--
Panagiotis
