Re: chroot question: Hardlinks or softlinks

From: Ralf Hildebrandt (Ralf.Hildebrandtcharite.de)
Date: Tue Dec 02 2003 - 03:16:45 CST


* Luca Berra <blucacomedia.it>:
> On Tue, Dec 02, 2003 at 09:56:49AM +0100, Ralf Hildebrandt wrote:
> >ln /etc/resolv.conf $queue_directory/etc/resolv.conf
> This would work only if /etc and $queue_directory are on the same
> filesystem, which is a _very_ _bad_ idea (not only from a security
> perspective).
>
> >ln -s $queue_directory/etc/resolv.conf /etc/resolv.conf
> This works, but if the purpose of chroot is removing the possibility for
> an attacker to make system wide changes, I would not make
> $queue_directory/etc/resolv.conf a system file.
>
> What's wrong with copying the file? Is it changed that often?

I was merely taking this as an example.
--
Ralf Hildebrandt Ralf.Hildebrandtcharite.de
my current spamtrap spamtrapcharite.de
http://www.arschkrebs.de/postfix/ Tel. +49 (0)30-450 570-155
Do daemons dream of electric sleep()?
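
The three options weighed in this thread (hard link, symlink, copy) can be told apart on disk. The following is an added example, not part of the original message: a small audit function that reports which of them a jail file is and whether a copy has drifted from the system file. The function name `classify_jail_file` and the sample paths are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example: classify how a file inside a chroot jail relates to the
# system file it mirrors. classify_jail_file is a hypothetical helper name.
classify_jail_file() {
    sys=$1
    jail=$2
    # Nothing at the jail path at all (not even a dangling symlink).
    if [ ! -e "$jail" ] && [ ! -L "$jail" ]; then
        echo missing; return 0
    fi
    # A symlink inside the jail is resolved relative to the new root after
    # chroot(), so it usually dangles or points somewhere unintended.
    if [ -L "$jail" ]; then
        echo jail-symlink; return 0
    fi
    # System path is a symlink resolving to the jail file: whoever can write
    # inside the jail controls the system-wide file.
    if [ -L "$sys" ] && [ "$sys" -ef "$jail" ]; then
        echo system-symlink-into-jail; return 0
    fi
    # Same device and inode without any symlink: a hard link, which is only
    # possible when both paths are on one filesystem.
    if [ "$sys" -ef "$jail" ]; then
        echo hardlink; return 0
    fi
    # Independent copy: report whether it still matches the system file.
    if cmp -s "$sys" "$jail"; then
        echo copy-current
    else
        echo copy-stale
    fi
}

# Constructed sample tree (temporary directory, documentation-range address).
demo_root=$(mktemp -d)
mkdir -p "$demo_root/etc" "$demo_root/jail/etc"
echo "nameserver 192.0.2.1" > "$demo_root/etc/resolv.conf"
cp "$demo_root/etc/resolv.conf" "$demo_root/jail/etc/resolv.conf"
classify_jail_file "$demo_root/etc/resolv.conf" "$demo_root/jail/etc/resolv.conf"
rm -rf "$demo_root"
```

Run periodically against each mirrored file, a `copy-stale` result is the cue to re-copy, and any other non-copy result shows the jail and the system file are not independent.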