Re: apt-get and The_User

To: Remco Blaakmeer <remco-blaakmeer@quicknet.nl>
Cc: xsdg@softhome.net, debian-devel@lists.debian.org
Subject: Re: apt-get and The_User
From: Junichi Uekawa <dancer@netfort.gr.jp>
Date: Sun, 3 Dec 2000 17:12:26 +0900
Message-id: <[🔎] 20001203114916.4B218CF37@brotherhood.netfort.gr.jp>
In-reply-to: <[🔎] Pine.LNX.3.96.1001203000238.10084B-100000@qn-195-66-31-144.quicknet.nl>
References: <[🔎] 20001202174648.A8616@216.254.117.126> <[🔎] Pine.LNX.3.96.1001203000238.10084B-100000@qn-195-66-31-144.quicknet.nl>

In Sun, 3 Dec 2000 01:03:54 +0100 (CET) Remco Blaakmeer <remco-blaakmeer@quicknet.nl> cum veritate scripsit :

> <snip from chroot(8)>
> NAME
>        chroot  -  run  command  or interactive shell with special
>        root directory
> </snip>
> 
> In what way would chroot elevate privileges for a non-root user?

You have an isolated space in terms of filename space, but 
you have the same Kernel, i.e. you have the root privilage against  the kernel.

There are many things you can do with the root privilage, from
killing random processes, to doing 
dd if=/dev/zero of=/dev/hda 
whatever.

If you give someone a chrooted root access, it's not much secure than the 
non-chrooted root access, really.

# well, this is my understanding.


regards,
	junichi

--
University: ti0113@mail4.doshisha.ac.jp    Netfort: dancer@netfort.gr.jp
dancer, a.k.a. Junichi Uekawa   http://www.netfort.gr.jp/~dancer
 Dept. of Knowledge Engineering and Computer Science, Doshisha University.
... Long Live Free Software, LIBERTAS OMNI VINCIT.

Reply to:

References:
- Re: apt-get and The_User
  - From: xsdg <xsdg@softhome.net>
- Re: apt-get and The_User
  - From: Remco Blaakmeer <remco-blaakmeer@quicknet.nl>

Prev by Date: Reappearing Directories?
Next by Date: Re: kernel depends?
Previous by thread: Re: apt-get and The_User
Next by thread: Re: apt-get and The_User
Index(es):
- Date
- Thread