Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] chroot
  • From: Ralf Koch <info@xxxxxxxxxx>
  • Date: Thu, 7 Dec 2000 01:01:49 +0100
  • Message-id: <PM-CB.20001207010149.69975.2.1D@xxxxxxxxxxxxx>
I totally agree, but I think that's a general problem of all Linux
versions including chrooted Linux cages. I searched Bugtraq for
chroot exploits and just found 2 messages. The first from 1991 isn't
really interesting. The second one discusses the knowledgement of
being on server root or on virtual root which MIGHT be a starting
point for hackers to break the chroot jail.

I have not found a message dealing with a breakable chroot
environment - except ftp faults (wu-ftp) during their attempt to
create perform a chroot.

Ralf

>There have been root hacks in crontab before. There likely will be
>some in
>the future too.
>
>Kurt
>


< Previous Next >