Re: apt-get and The_User

To: Tollef Fog Heen <tollef@add.no>
Cc: debian-devel@lists.debian.org
Subject: Re: apt-get and The_User
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 03 Dec 2000 12:22:36 -0800
Message-id: <[🔎] 87aeaddzlf.fsf@becket.becket.net>
In-reply-to: Tollef Fog Heen's message of "03 Dec 2000 12:38:37 +0100"
References: <3A21BD03.C1795862@canada.com> <3A23015A.465829FE@canada.com> <[🔎] 20001202050307.C44EECF37@brotherhood.netfort.gr.jp> <[🔎] 87g0k7xhzr.fsf@manon.intern.opera.no> <[🔎] 3A29615D.9119F7D2@canada.com> <[🔎] 877l5is673.fsf@manon.intern.opera.no> <[🔎] 87g0k5hj92.fsf@becket.becket.net> <[🔎] 87itp1rayq.fsf@manon.intern.opera.no>

Tollef Fog Heen <tollef@add.no> writes:

> *  (Thomas Bushnell, BSG)
> 
> | Breaking out is only possibly because of the double
> | chroot trick that Ethan Benson explained.  If you fix that trick
> | (which can be done), then breaking out is relatively difficult.
> 
> mount /proc and find out where your process information lives, change
> the root and voila, out of the chroot.  root in chroot is in no way
> safe.

There are many ways out, I just meant that simple filesystem tricks
won't work anymore.  My thought about how to do this would be to tweak
up the network configuration suitably; you might well be able to trick
some network server then into doing things for you.

Reply to:

References:
- Re: apt-get and The_User
  - From: Junichi Uekawa <dancer@netfort.gr.jp>
- Re: apt-get and The_User
  - From: Tollef Fog Heen <tollef@add.no>
- Re: apt-get and The_User
  - From: Mircea Luca <mluca@canada.com>
- Re: apt-get and The_User
  - From: Tollef Fog Heen <tollef@add.no>
- Re: apt-get and The_User
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: apt-get and The_User
  - From: Tollef Fog Heen <tollef@add.no>

Prev by Date: Re: task & skills
Next by Date: Re: Woody Progress
Previous by thread: Re: apt-get and The_User
Next by thread: Re: apt-get and The_User
Index(es):
- Date
- Thread