On Sun, Dec 03, 2000 at 02:49:45AM -0800, Thomas Bushnell, BSG wrote: > Tollef Fog Heen <tollef@add.no> writes: > > > Voila, you are root, and breaking out of chroot shouldn't be a > > problem. > > Indeed you are root, and could halt the system immediately (which is > bad enough). Breaking out is only possibly because of the double > chroot trick that Ethan Benson explained. If you fix that trick > (which can be done), then breaking out is relatively difficult. You didn't OpenBSD or FreeBSD create chroot() on steroids called jail() ? i am not sure of the details might be interesting to look at. > can still hose the machine though in many ways, such as halt, or funky > games with the network. mknod hda b 3 0 mknod zero c 1 5 cat zero > hda mount -t proc proc proc slay root ;-) -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpgNCEdyJgBo.pgp
Description: PGP signature