Re: apt-get and The_User

To: Paul Hedderly <paul@mjr.org>
Cc: debian-devel@lists.debian.org
Subject: Re: apt-get and The_User
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 03 Dec 2000 02:48:18 -0800
Message-id: <[🔎] 87k89hhjbh.fsf@becket.becket.net>
In-reply-to: Paul Hedderly's message of "Sun, 3 Dec 2000 10:32:17 +0000"
References: <[🔎] 20001202174648.A8616@216.254.117.126> <[🔎] Pine.LNX.3.96.1001203000238.10084B-100000@qn-195-66-31-144.quicknet.nl> <[🔎] 20001203103217.H3935@phx.mjr.org>

Paul Hedderly <paul@mjr.org> writes:

> On Sun, Dec 03, 2000 at 01:03:54AM +0100, Remco Blaakmeer wrote:
> > In what way would chroot elevate privileges for a non-root user?
> 
> If you are giving the chroot user root in the chroot... then they
> can copy a shell - suid it... and they have access to that
> new suid shell from the real filesystem. - They have open access
> to the whole box.

There's no such thing as being "root in the chroot".  A process is
root or not, regardless of the current root directory.  chroot changes
the interpretation of / and .., it does not affect your priveleges.

Thomas

Reply to:

References:
- Re: apt-get and The_User
  - From: xsdg <xsdg@softhome.net>
- Re: apt-get and The_User
  - From: Remco Blaakmeer <remco-blaakmeer@quicknet.nl>
- Re: apt-get and The_User
  - From: Paul Hedderly <paul@mjr.org>

Prev by Date: Re: apt-get and The_User
Next by Date: Re: apt-get and The_User
Previous by thread: Re: apt-get and The_User
Next by thread: Re: apt-get and The_User
Index(es):
- Date
- Thread