I read it as her talking about chroot in general.
On Mon, 27 Sep 1999, Poul-Henning Kamp wrote:
In message [EMAIL PROTECTED], Julian
Elischer writes:
You have to examine ALL fd's in case one has a directory open that is
outside the chroot..
(see man fchdir(2))
We do. See source.
In message [EMAIL PROTECTED], Julian
Elischer writes:
I read it as her talking about chroot in general.
We do. See source. :-)
On Mon, 27 Sep 1999, Poul-Henning Kamp wrote:
In message [EMAIL PROTECTED], Julian
Elischer writes:
You have to examine ALL fd's in case one has a directory
Hello,
I was referring to the practice of chdir-ing
to someplace within the chrooted area right *after* doing the
chroot, before doing anything else. Otherwise, the current
working directory may be pointing to a directory *outside*
the chrooted area. Of course, if you set the current working
Poul-Henning Kamp wrote:
In message [EMAIL PROTECTED], Julian
Elischer writes:
I read it as her talking about chroot in general.
Yep, I was.
We do. See source. :-)
Are you talking about the new jail() call only, or does this
apply to chroot() (especially in 3.2) ?
(And I am looking in
Alexander Bezroutchko wrote:
it is possible to escape from jail
Following program escapes from jail (tested under 4.0-19990918-CURRENT):
[snip program code that chroot's but doesn't then chdir inside
the new area]
As we all know, the chroot can be escaped because the sample
program doesn't
Ummm sorry but i think you have goten this backwards it is more secure to
chdir, then chrrot, not chroot then chdir I believe what you have here is
backwards
As we all know, the chroot can be escaped because the sample
program doesn't change the current working directory, and it's
Umm I think you have gotten this backwards, it is more secure to chdir first
then chroot I think you have this backwards. in my virtual environment
i chdir working dir, then chroot... ive not been able to escape my
chrooted jail setup yet. nor have i seen any code that will
I actually currently use
-SNIP - EDITED FOR SECURITY -
syslog (LOG_NOTICE,"Changing directory/root to %s",path
if (chdir (path) || chroot (path)) return 1;
}else{
syslog (LOG_NOTICE,"No ("EDITED FOR SECURITY" )
You have to examine ALL fd's in case one has a directory open that is
outside the chroot..
(see man fchdir(2))
julian
On Sun, 26 Sep 1999, Carol Deihl wrote:
Alexander Bezroutchko wrote:
it is possible to escape from jail
Following program escapes from jail (tested under
In message [EMAIL PROTECTED], Julian
Elischer writes:
You have to examine ALL fd's in case one has a directory open that is
outside the chroot..
(see man fchdir(2))
We do. See source.
--
Poul-Henning Kamp FreeBSD coreteam member
[EMAIL PROTECTED] "Real hackers run
10 matches
Mail list logo