>On Tue, 14 Jul 1998, Carlos Barros wrote:
>
>> On Tue, 14 Jul 1998, cfb wrote:
>>
>> > The main problem seems to be with the way that Debian starts bind using
>> > the script /etc/init.d/bind. I thought it would be really neat to just
>> > change the #!/bin/sh at the top of the script to something like:
>> >     #!/usr/sbin/chroot /chroot-dns/ /bin/sh
>> > or
>> >     #!/usr/sbin/chroot /chroot-dns/ /chroot-dns/bin/sh
>>
>>
>> Try changing only the line that starts the bind daemon, e.g.:
>>
>>     chroot /chroot-dns/ /bin/named
>
>What does this chroot give you? Actually this is protection against a simple
>exec("/bin/sh"), but every cracker may put chroot("/") before this and all
>the protection is destroyed.

Use the -u and -g to set the UID/GID. http://redhat-security.seifried.org/ tells all =)

>[mod: It is slightly less trivial than 'chroot("/")', but if you can
>execute arbitrary code as root, you can break out of the chrooted
>environment. --REW]
>
>My idea is to run named with a non-root UID/GID. As named needs to bind port 53,
>which is below 1024, there is a problem executing it. One solution is to
>rewrite the named code (like httpd); another is to make a hole in the
>kernel. Both are nonstandard solutions. It is also possible to use
>some portwrapper/redir. Does anyone use some of these?
>
>[mod: Patches are floating around. -- REW]
>---
>Cougar

-seifried
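
The thread's two points combined (a chroot only holds if the process stops being root, and the low port must be bound before that happens), shown as an added example that is not code from this thread or from BIND. The function name `jail_and_drop`, its step codes and the UID/GID 65534 are assumptions made for illustration; `/chroot-dns` is the jail path used above.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Step codes returned by jail_and_drop(); 0 means every step succeeded. */
enum { JAIL_OK = 0, ERR_ROOT_TARGET = 1, ERR_CHROOT = 2, ERR_CHDIR = 3,
       ERR_GROUPS = 4, ERR_SETGID = 5, ERR_SETUID = 6, ERR_STILL_ROOT = 7 };

/*
 * Call after the privileged socket (port 53 for a name server) is bound.
 * Order matters: chroot() needs root, so it comes first; the UID goes last
 * because setgroups() and setgid() also need root.
 */
int jail_and_drop(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)        /* "dropping" to root protects nothing */
        return ERR_ROOT_TARGET;
    if (chroot(jail) != 0)
        return ERR_CHROOT;
    if (chdir("/") != 0)             /* keep no working directory outside the jail */
        return ERR_CHDIR;
    if (setgroups(1, &gid) != 0)     /* discard root's supplementary groups */
        return ERR_GROUPS;
    if (setgid(gid) != 0)
        return ERR_SETGID;
    if (setuid(uid) != 0)
        return ERR_SETUID;
    /* Verify the drop is permanent: regaining UID 0 must now fail. */
    if (setuid(0) == 0 || getuid() == 0 || geteuid() == 0)
        return ERR_STILL_ROOT;
    return JAIL_OK;
}

int main(int argc, char **argv)
{
    /* Constructed defaults: 65534 stands in for an unprivileged account. */
    const char *jail = argc > 1 ? argv[1] : "/chroot-dns";
    int rc = jail_and_drop(jail, 65534, 65534);
    if (rc != JAIL_OK) {
        fprintf(stderr, "jail_and_drop failed at step %d (errno %d)\n", rc, errno);
        return 1;
    }
    printf("running as uid %d inside %s\n", (int)getuid(), jail);
    return 0;
}
```

Started as root it ends up jailed and unprivileged; started as an ordinary user it stops at the chroot step, which is why a daemon does this only after binding its port.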