OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed
From: haradaobunsha.co.jp
Date: Sun Jul 23 2000 - 23:43:52 CDT


> Besides the two binaries and their config and PID files, there's also
> /dev/log (hardlink to the real one) and /usr/lib/zoneinfo/zoneinfo.
> That's all.

Sorry if I'm missing something here, but I thought that it was generally
recommended to keep your chroot directory in a non-root partition (/var,
etc) - the hard link to /dev/log would preclude that, wouldn't it?

Bruce Harada