sarnoldWILLAMETTE.EDU

• Next message: Gert-Jan Hagenaars: "Re: History Files"
• Previous message: Mark Rafn: "Re: History Files"
• In reply to: Marc Slemko: "limited functionality accounts (was: Re: History Files)"
• Next in thread: Alex Andrews: "limited functionality accounts (was: Re: History Files)"
• Next in thread: David Taylor: "Re: History Files"
• Next in thread: Dragos Ruiu: "Re: History Files"
• Reply: Seth R Arnold: "Re: limited functionality accounts (was: Re: History Files)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Marc Slemko <marcsZNEP.COM> [000416 08:45]:
> Also be wary of special filesystems such as /proc inside the chrooted
> environment. On some systems, /proc may let you escape a chrooted
> environment. On some OSes (don't think Linux lets you, but I don't know
> about that for sure...) /proc lets the user edit memory in programs they
> are running. I don't know if any OS/architecture combinations let you

I believe the answers to this is, "Yes, Linux lets users edit memory" --
the /dev/kmem and /dev/mem devices allow mucking around in memory, and
several linux distributions were shipping with world-writable
permissions on those things. Check bugtraq archives for the exaxt
details.

:)

--
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help

• Next message: Gert-Jan Hagenaars: "Re: History Files"
• Previous message: Mark Rafn: "Re: History Files"
• In reply to: Marc Slemko: "limited functionality accounts (was: Re: History Files)"
• Next in thread: Alex Andrews: "limited functionality accounts (was: Re: History Files)"
• Next in thread: David Taylor: "Re: History Files"
• Next in thread: Dragos Ruiu: "Re: History Files"
• Reply: Seth R Arnold: "Re: limited functionality accounts (was: Re: History Files)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]