Security - suggested hack using chroot
MCLINDEN at RUTGERS.ARPA
MCLINDEN at RUTGERS.ARPA
Thu Jul 7 10:47:23 AEST 1983
From: Sean McLinden <MCLINDEN at RUTGERS.ARPA>
Andy:
I don't know about version 7 Unix, but the situation I suggested
has little to do with what is linked to what. The simple fact is
that if you chroot to "/usr/guest" for example, then "/" is
equivalent to "/usr/guest", there is NO "/usr", or rather, if
there is a "/usr" it would (in reality), be "/usr/guest/usr".
The prefixing slash in any pathname is, in fact, an abbreviation
for the root directory (whatever it happens to be). Insofar as
any program you might want to write goes, you can't backup
over that link, even if it does exist. I suggest you retry the
problem only this time make sure it does a setuid "root" (it
obviously won't work, otherwise).
By the way, this isn't just speculation. I've done it.
The bubble is in your court.
Sean
-------
More information about the Comp.unix.wizards
mailing list