Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!tut.cis.ohio-state.edu!cs.utexas.edu!execu!sequoia!rpp386!jfh
From: jfh@rpp386.cactus.org (John F. Haugh II)
Newsgroups: comp.sources.d
Subject: Re: Safer unsharing -- why chroot() *really* doesn't work
Summary: Or why it does ...
Message-ID: <17196@rpp386.cactus.org>
Date: 27 Oct 89 07:16:18 GMT
References:
Reply-To: jfh@rpp386.cactus.org (John F. Haugh II)
Organization: River Parishes Programming, Austin TX
Lines: 24

In article drw@fibonacci.math.mit.edu (Dale R. Worley) writes:
>To break security with chroot():
> [ And then gives several steps for breaking into a chroot()'d tree. ]

If you can do all of that then you can just slide right in without
even needing a shell script. The permission restrictions on ~/,
~/bin, and ~/etc are NO LESS SERIOUS than on the real /, /bin, and
/etc.

>Voila!

Not quite so easy as you claim.

>Sigh,

Yes, Sigh.
--
John F. Haugh II                        +-Things you didn't want to know:------
VoiceNet: (512) 832-8832   Data: -8835  | The real meaning of EMACS is ...
InterNet: jfh@rpp386.cactus.org         | ... EMACS makes a computer slow.
UUCPNet:  {texbell|bigtex}!rpp386!jfh   +--<><--<><--<><--<><--<><--<><--<><---