Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1994: Re: wu-ftpd info.

Re: wu-ftpd info.

Ken Hardy (kenbridge.com)
Wed, 13 Apr 94 09:12:24 CDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul A Vixie: "Re: wu-ftpd info."
Previous message: Christopher Klaus: "wu-ftpd info."
Maybe in reply to: Christopher Klaus: "wu-ftpd info."
Next in thread: jddcdf.toronto.edu: "Re: wu-ftpd info."

What are the dangers posed by someone gaining root access, as through a
trojaned ftpd, in a _chrooted_ environment, assuming that the environment
gets chrooted before there's any chance of compromise?  Granted, you
don't want strangers enabled to wreak havoc with your ftp heirarchy
(and planting _more_ trojans), but what kind of threats can be posed
to the rest of the system from such a toehold?

-KH

Next message: Paul A Vixie: "Re: wu-ftpd info."
Previous message: Christopher Klaus: "wu-ftpd info."
Maybe in reply to: Christopher Klaus: "wu-ftpd info."
Next in thread: jddcdf.toronto.edu: "Re: wu-ftpd info."