On 02/06/2014 11:05 PM, Andy Bradford wrote: > Thus said "S. Dale Morrey" on Thu, 06 Feb 2014 11:18:22 -0700: > >> I'm guessing SELinux might have helped but in as we discussed before I >> make it habit to shut that off because 99% of the time it's just in my >> way. > > SELinux is overkill for something that can be more easily managed in a > chroot.
Dale's original compromise was through a non-root daemon followed by an exploit that got local root. It's my understanding that once you have root in a chroot you can escape the chroot quite easily. Am I wrong about this? /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
