Re: securing server

To: debian-security@lists.debian.org
Subject: Re: securing server
From: Bjørn Mork <bmork@dod.no>
Date: Thu, 08 May 2008 08:30:29 +0200
Message-id: <[🔎] 87myn12tq2.fsf@obelix.mork.no>
References: <[🔎] fa218e630805070209x1c5837cbs6b33c32bf3e2b4b9@mail.gmail.com> <[🔎] 1210152509.4647.7.camel@localhost> <[🔎] 20080507094313.GA8333@lapse.madduck.net> <[🔎] fvsveq$4ik$1@online.de> <[🔎] 20080507195721.GA5994@lapse.madduck.net>

martin f krafft <madduck@debian.org> writes:
> also sprach Simon Brandmair <sbrandmair@gmx.net> [2008.05.07.2020 +0100]:
>> > no security benefit
>>  
>> Just wondering: Why not?
>
> http://www.bpfh.net/simes/computing/chroot-break.html

You still need to be root before breaking the jail, and one of the
benefits of the chroot is the ability to limit access to potentionally
vulnerable setuid root applications.

Bjørn
-- 
Ban egocentric cruise missiles

Reply to:

Follow-Ups:
- Re: securing server
  - From: Simon Brandmair <sbrandmair@gmx.net>

References:
- securing server
  - From: "Jean-Paul Lacquement" <zelos414@gmail.com>
- Re: securing server
  - From: weakish <weakish@gmail.com>
- Re: securing server
  - From: martin f krafft <madduck@debian.org>
- Re: securing server
  - From: Simon Brandmair <sbrandmair@gmx.net>
- Re: securing server
  - From: martin f krafft <madduck@debian.org>

Prev by Date: Re: securing server
Next by Date: Re: securing server
Previous by thread: Re: securing server
Next by thread: Re: securing server
Index(es):
- Date
- Thread