Re: Advice Needed On Recent Rootings

To: Debian Security <debian-security@lists.debian.org>
Subject: Re: Advice Needed On Recent Rootings
From: Phillip Hofmeister <plhofmei@zionlth.org>
Date: Tue, 3 Jun 2003 10:02:09 -0400
Message-id: <[🔎] 20030603140209.GA14800@zionlth.org>
Mail-followup-to: Debian Security <debian-security@lists.debian.org>
In-reply-to: <[🔎] 20030602203821.GA18163@galacticasoftware.com>
References: <20030525180430.GB32546@yagami.infodump.net> <20030525182528.GE3395@keimel.com> <20030528045821.GA7093@yagami.infodump.net> <[🔎] 20030602203821.GA18163@galacticasoftware.com>

On Mon, 02 Jun 2003 at 03:38:21PM -0500, Adam Majer wrote:
> With something like sendmail or apache, it only needs to see a very
> limited part of the file system, so even braking these will not do
> any real damage.

Don't get too over confident about chrooting Apache.  One Apache process
runs as root.  This means if there is an exploit that sends arbitrary
code across the shared scoreboard it could be ran as root and break out
of the jail.

However, for the most part, chrooting is a valid countermeasure/method
to compartmentalize.  It is a shame that no distribution comes with
packages natively created with/for chrooting.

-- 
Phillip Hofmeister

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
--
Excuse #134: Backbone Scoliosis

Reply to:

Follow-Ups:
- Re: Advice Needed On Recent Rootings
  - From: Mark Ferlatte <ferlatte@cryptio.net>

References:
- Re: Advice Needed On Recent Rootings
  - From: Adam Majer <adamm@galacticasoftware.com>

Prev by Date: Re: Advice Needed On Recent Rootings
Next by Date: [LUNI]/[DEB_SEC]lscan-worm sambal-worm
Previous by thread: Re: Advice Needed On Recent Rootings
Next by thread: Re: Advice Needed On Recent Rootings
Index(es):
- Date
- Thread