On 3/20/2013 6:09 AM, tal.tchwe...@gmail.com wrote:
> From: Tal Tchwella
>
> I want to suggest adding chroot capability to all users.
It is much too easy to create an environment for
tricking privileged programs using chroot to allow
unprivileged processes to use chroot. /etc/shadow
is your trivi
On 03/20/2013 07:53:42 AM, Tal Tchwella wrote:
I want to suggest adding chroot capability to all users.
I note that chroot doesn't quite do what most people think it does:
http://landley.net/notes-2011.html#02-06-2011
I've had a todo item forever to modify chroot to actually change the
pr
From: Tal Tchwella
I want to suggest adding chroot capability to all users.
The following patches enable that capability, while considering the security
mechanism needed to disable escape routes for chroots by non-root users,
and keeping chroot backward-compatible for root users.
The first patch
I want to suggest adding chroot capability to all users.
The following patches enable that capability, while considering the security
mechanism needed to disable escape routes for chroots by non-root users,
and keeping chroot backward-compatible for root users.
The first patch establishes the conc
4 matches
Mail list logo
