[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: Re: syslog overruns and TIS smap
From: Julian Assange <proff () suburbia ! net>
Date: 1995-09-01 6:08:01
[Download RAW message or body]
>
> Julian Assange wrote:
> >
> > What happens if I mknod a new hd block device within the chrooted area under
> > TIS?
>
> You'd need 'root' permission to do that. You don't need root to make
> an inbound connection to an inside host, however.
> - Der
True, but but obtaining root isn't necessarily such a hard thing to do. My
point is that a number of people have stated that despite obtaining root in
a chrooted() enviroment your still protected. The way I have seen chroot()
calls implimented is the kernel merely sets the processes root inode to
the inode of the directory passed as the argument. If this is the only
protection involved you can break out with a mknod.
--
+----------------------------------+-----------------------------------------+
| Julian Assange | "if you think the United States has |
| | has stood still, who built the largest |
| proff@suburbia.net | shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic