On 2008-11-21, RB <[EMAIL PROTECTED]> wrote:
>
>> so I would argue that my sensitive syslogged data is more secure in a
>> chroot environment where there are no other executables, than on a
>> non-chroot environment.
>
> Argue what you like, but your basis is flawed. You seem to forget
> that most exploits bring their own executable [shell]code with them
> and often operate purely in-memory. Therefore they don't strictly
> need external executables; the lack thereof is more of a nuisance than
> a roadblock.

Did you see the comment from Rainer about the secpath-replace property? I think that proves my basis is not flawed. The chroot here protects against code flaws, or configuration flaws that could otherwise give an attacker the possibility of overwriting system files.

Also you pointing at "most exploits bring their own executable .. operate purely in-memory" argument is flawed when I'm arguing for chroot being *more* secure. Not 100% secure against all flaws, but *more* secure than a non-chrooted process.

.. but dropping privileges is higher up on my wishlist, than chroot()..

-jf

--
http://xkcd.com/386/ ;-)

