[EMAIL PROTECTED] (Stephen Frost) writes:

>> >> according to Enrico (please confirm or correct) the glibc
>> >> has issues with the fake name resolver and is generally
>> >> considered insecure because usually dynamically linked ...
>> >
>> > This really needs further explanation and justification.  What about
>> > glibc being dynamically linked (and able to load other libraries)
>> > makes it insecure, specifically?
>> 
>> 1. 'insecure', because the dynamical loading of libnss_* is
>>    uncontrollable. There is no (documented??) way to disable this
>>    loading e.g. when the chroot was entered. Executing a function which
>>    would load an nss-library does not give any guarantee that the next
>>    call to this function with another argument would not load another
>>    library.
>
> It's not uncontrollable- just don't call NSS functions after you've
> chroot'd.

That's not possible. During the extraction phase, 'rpm' has to do
a username -> uid mapping with the setup from the inside of the
chroot. So at least there, I need getpwname() after chroot().




Enrico


_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
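
The username -> uid mapping discussed above can be done inside a chroot without any libnss_* module being loaded, by parsing the passwd file directly with glibc's fgetpwent(). This is an added example, not code from the thread, rpm, or vserver; the names passwd_file_lookup and demo_lookup and the sample passwd entries are constructed for illustration.

```c
#define _DEFAULT_SOURCE
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Look up `name` in a passwd-format file without going through NSS.
 * fgetpwent() parses the stream itself, so no libnss_* module is loaded.
 * Returns 0 and fills *uid / *gid on a match, -1 if absent or unreadable. */
int passwd_file_lookup(const char *passwd_path, const char *name,
                       uid_t *uid, gid_t *gid)
{
    FILE *fp = fopen(passwd_path, "r");
    struct passwd *pw;
    int rc = -1;

    if (fp == NULL)
        return -1;
    while ((pw = fgetpwent(fp)) != NULL) {
        if (strcmp(pw->pw_name, name) == 0) {
            *uid = pw->pw_uid;
            *gid = pw->pw_gid;
            rc = 0;
            break;
        }
    }
    fclose(fp);
    return rc;
}

/* Demo on constructed data: write a two-entry passwd file to a temporary
 * path and return the uid found for `name`, or (uid_t)-1 if there is none. */
uid_t demo_lookup(const char *name)
{
    char path[] = "/tmp/passwd-demo-XXXXXX";
    uid_t uid = (uid_t)-1;
    gid_t gid = (gid_t)-1;
    int fd = mkstemp(path);
    FILE *fp = fd < 0 ? NULL : fdopen(fd, "w");

    if (fp == NULL)
        return uid;
    fputs("root:x:0:0:root:/root:/bin/sh\n"
          "builder:x:1234:1234:constructed:/home/builder:/bin/sh\n", fp);
    fclose(fp);
    passwd_file_lookup(path, name, &uid, &gid);
    unlink(path);
    return uid;
}
```

After chroot(), the caller would pass "/etc/passwd" as passwd_path. The lookup only sees accounts in that flat file; users that nsswitch.conf would resolve from other sources are not found.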
