Mailinglist Archive: opensuse-security (260 mails)

< Previous Next >
Re: [suse-security] dhcpd patch
  • From: Thomas Biege <thomas@xxxxxxx>
  • Date: Tue, 25 Jul 2000 13:49:26 +0200 (CEST)
  • Message-id: <Pine.LNX.4.21.0007251348530.26774-100000@xxxxxxxxxxxxxx>
On Tue, 25 Jul 2000, Kurt Seifried wrote:

> > hm, the guy, who wrotes that patch seems not very familiar with chroot()ed
> > environments. he misses the chdir() after the chroot(), which makes the
> > chroot jail unsecure. to be on the safe track initgroups() should be
> > called in addition to setgid(), he also missed that. there could be more
> > failures like this. if i have the time, i'll debug and test this patch...
> > maybe it'll become part of our next SuSE, but I don't think so. As long as
> > we have Marc's Compartment it would be wiser to use this instead of a
> > buggy patch.
>
> Yeah Olaf Kirch made the same comment. What's the URL for compartment, I

www.suse.de/~marc

> haven't looked at that in ages (my head hurts).

too much beer, eh? ;)

Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas@xxxxxxx Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47


< Previous Next >
References