Mailinglist Archive: opensuse-security (520 mails)
| < Previous | Next > |
Re: [suse-security] chroot
- From: Ralf Koch <info@xxxxxxxxxx>
- Date: Thu, 7 Dec 2000 01:01:49 +0100
- Message-id: <PM-CB.20001207010149.69975.2.1D@xxxxxxxxxxxxx>
I totally agree, but I think that's a general problem of all Linux
versions including chrooted Linux cages. I searched Bugtraq for
chroot exploits and just found 2 messages. The first from 1991 isn't
really interesting. The second one discusses the knowledgement of
being on server root or on virtual root which MIGHT be a starting
point for hackers to break the chroot jail.
I have not found a message dealing with a breakable chroot
environment - except ftp faults (wu-ftp) during their attempt to
create perform a chroot.
Ralf
>There have been root hacks in crontab before. There likely will be
>some in
>the future too.
>
>Kurt
>
versions including chrooted Linux cages. I searched Bugtraq for
chroot exploits and just found 2 messages. The first from 1991 isn't
really interesting. The second one discusses the knowledgement of
being on server root or on virtual root which MIGHT be a starting
point for hackers to break the chroot jail.
I have not found a message dealing with a breakable chroot
environment - except ftp faults (wu-ftp) during their attempt to
create perform a chroot.
Ralf
>There have been root hacks in crontab before. There likely will be
>some in
>the future too.
>
>Kurt
>
| < Previous | Next > |