NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Linux Security Auditing Project> 2000-q3

Subject: Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed
From: haradaobunsha.co.jp
Date: Sun Jul 23 2000 - 23:43:52 CDT

Next message: Olaf Kirch: "Re: /var/lock permissions"
Previous message: Len Budney: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
Maybe in reply to: Drew Whittle: "chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Next in thread: Solar Designer: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Next in thread: Pavel Kankovsky: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
Maybe reply: haradaobunsha.co.jp: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Reply: Solar Designer: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Reply: Wichert Akkerman: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Reply: Jim Dennis: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Besides the two binaries and their config and PID files, there's also
> /dev/log (hardlink to the real one) and /usr/lib/zoneinfo/zoneinfo.
> That's all.

Sorry if I'm missing something here, but I thought that it was generally
recommended to keep your chroot directory in a non-root partition (/var,
etc) - the hard link to /dev/log would preclude that, wouldn't it?

Bruce Harada

Next message: Olaf Kirch: "Re: /var/lock permissions"
Previous message: Len Budney: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
Maybe in reply to: Drew Whittle: "chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Next in thread: Solar Designer: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Next in thread: Pavel Kankovsky: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
Maybe reply: haradaobunsha.co.jp: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Reply: Solar Designer: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Reply: Wichert Akkerman: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Reply: Jim Dennis: "Re: chroot excess WAS:: Demo patch - run telnetd as non-root and chroot()'ed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]