[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apt-get and The_User



On Sun, Dec 03, 2000 at 02:49:45AM -0800, Thomas Bushnell, BSG wrote:
> Tollef Fog Heen <tollef@add.no> writes:
> 
> > Voila, you are root, and breaking out of chroot shouldn't be a
> > problem.
> 
> Indeed you are root, and could halt the system immediately (which is
> bad enough).  Breaking out is only possibly because of the double
> chroot trick that Ethan Benson explained.  If you fix that trick
> (which can be done), then breaking out is relatively difficult.  You

didn't OpenBSD or FreeBSD create chroot() on steroids called jail() ?
i am not sure of the details might be interesting to look at.

> can still hose the machine though in many ways, such as halt, or funky
> games with the network. 

mknod hda b 3 0 
mknod zero c 1 5
cat zero > hda

mount -t proc proc proc
slay root ;-)

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpeS6ca3JoWJ.pgp
Description: PGP signature


Reply to: