[4396] in bugtraq
Re: Buffer Overflows: A Summary
daemon@ATHENA.MIT.EDU (Thomas H. Ptacek)
Fri May 2 15:58:43 1997
Date: Fri, 2 May 1997 12:33:00 -0500
Reply-To: tqbf@enteract.com
From: "Thomas H. Ptacek" <tqbf@ENTERACT.COM>
X-To: trost@CLOUD.RAIN.COM
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <m0wN9pe-0000BxC@cloud.rain.com> from "Bill Trost" at May 1, 97 09:20:30 pm

> Another alternative that has the advantage of already existing and being
> relatively easy to use is the chroot() system call. For example, named would
> be a much less attractive target if it chroot()ed to /etc/namedb (or whatever)
> as soon as it knew where its startup directory was. Then all named could do is
> mangle your name service files.

On almost all Unix operating systems, having superuser access in a
chroot() jail is still dangerous. In some recent revisions of 4.4BSD
operating systems, root can trivially escape chroot(), as well.
----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"
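
Added example, not part of the original post or of named: since the message above notes that a superuser inside a chroot() jail is still dangerous, the usual hardening is to give up root permanently right after the chroot() call. The function name `confine_and_drop`, the return codes and the uid/gid 65534 are assumptions made for this sketch.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum { JAIL_OK = 0, JAIL_BAD_ID = -1, JAIL_CHDIR = -2, JAIL_CHROOT = -3,
       JAIL_DROP = -4, JAIL_STILL_ROOT = -5 };

/* Confine the process to `dir`, then switch to an unprivileged uid/gid.
 * Call while still root, after privileged setup (e.g. binding port 53). */
int confine_and_drop(const char *dir, uid_t uid, gid_t gid)
{
    /* Refuse to "drop" to root: that would leave a superuser in the jail. */
    if (uid == 0 || gid == 0)
        return JAIL_BAD_ID;

    /* Enter the directory first so the working directory cannot remain
     * outside the new root after chroot(). */
    if (chdir(dir) != 0)
        return JAIL_CHDIR;
    if (chroot(".") != 0)
        return JAIL_CHROOT;
    if (chdir("/") != 0)
        return JAIL_CHDIR;

    /* Order matters: changing groups and gid needs root, so both happen
     * before setuid(), which is the irreversible step. */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return JAIL_DROP;

    /* Verify the drop: regaining uid 0 must now fail. */
    if (setuid(0) == 0 || geteuid() == 0 || getegid() == 0)
        return JAIL_STILL_ROOT;
    return JAIL_OK;
}

int main(int argc, char **argv)
{
    const char *dir = argc > 1 ? argv[1] : "/etc/namedb";
    int rc = confine_and_drop(dir, 65534, 65534); /* assumed unprivileged ids */
    if (rc != JAIL_OK) {
        fprintf(stderr, "refusing to run unconfined (code %d)\n", rc);
        return 1;
    }
    puts("confined and unprivileged; safe to start serving");
    return 0;
}
```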