[1534] in bugtraq
chroot'ed environment?
daemon@ATHENA.MIT.EDU (Marc Samama)
Wed Apr 19 01:41:51 1995
Date: Tue, 18 Apr 1995 21:12:16 +0900
From: Marc Samama <marc@tky.icdc.fr>
To: bugtraq@fc.net
Could someone give me a hint on what security it buys to do a chroot before
servicing a request from a network daemon? I guess it depends on what the
attacker is able to find in the chrooted environment, if he can import
programs, ...
Also, if it is not too off-topic, what would be the best way to allow syslogs
after a chroot, if the syslog daemon uses unix datagram sockets, that dont
survive the chroot call?
Thank you,
Marc.
