[1536] in linux-security and linux-alert archive
[linux-security] Re: Re: Re: Re: Re: Buffer Overflows: A Summary
daemon@ATHENA.MIT.EDU (Andrew G. Morgan)
Tue May 6 06:55:47 1997
From: "Andrew G. Morgan" <morgan@parc.power.net>
To: linux-security@redhat.com
Date: Mon, 5 May 1997 15:41:09 -0700 (PDT)
In-Reply-To: <5l67wxhora.fsf@tequila.systemsz.cs.yale.edu> from "Stefan Monnier" at May 5, 97 12:23:05 pm
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
> [mod: Yes. One "catchall" would be to modify "suser()" to return
> (uid==0) && (current->root == THE_ROOT). That would make a uid==0 in a
> chrooted environment just another user. Just with a special uid. But
> still you would have to review the WHOLE system to be sure that no
> holes remain.... --REW]
Another would be to adopt the linux-privs (POSIX.1e aka. POSIX 6) model
http://parc.power.net/morgan/Orange-Linux/linux-privs/index.html
and adopt individual capabilities/privileges instead of having a single
omnipotent superuser.
By removing capability sets from the files in your chroot prison cell it
should be possible to secure it against escape by any user...
Cheers
Andrew
--
Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
http://parc.power.net/morgan/index.html
[ For those that prefer FTP --- ftp://ftp.lalug.org/morgan ]