From owner-freebsd-security  Sat Dec 19 02:40:12 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id CAA23028
          for freebsd-security-outgoing; Sat, 19 Dec 1998 02:40:12 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from mail1.its.rpi.edu (mail1.its.rpi.edu [128.113.100.7])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA23023
          for <freebsd-security@FreeBSD.ORG>; Sat, 19 Dec 1998 02:40:09 -0800 (PST)
          (envelope-from drosih@rpi.edu)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47])
	by mail1.its.rpi.edu (8.8.8/8.8.6) with ESMTP id FAA172816;
	Sat, 19 Dec 1998 05:36:06 -0500
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Sender: drosih@pop1.rpi.edu
Message-Id: <v04011702b2a12f242936@[128.113.24.47]>
In-Reply-To: <11082.914011256@critter.freebsd.dk>
References: Your message of "Fri, 18 Dec 1998 19:57:07 +0100."            
 <Pine.BSF.3.96.981218193124.339A-100000@nympha>
Date: Sat, 19 Dec 1998 05:35:27 -0500
To: Poul-Henning Kamp <phk@critter.freebsd.dk>,
        "Marco Molteni" <molter@tin.it>
From: Garance A Drosihn <drosih@rpi.edu>
Subject: Re: A better explanation (was: buffer overflows and chroot)
Cc: freebsd-security@FreeBSD.ORG
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 9:00 PM +0100 12/18/98, Poul-Henning Kamp wrote:
> The basic concept is that root is only root in a jail if the
> filesystem protects the rest of the system, otherwise he isn't.
> For instance he can change the owner or modes on a file, but he
> cannot change IP# on an interface.  He can bind to a priviledged
> TCP port, but only on the IP# which belongs to the jail.  And so
> forth.  Works pretty well.

I can see that this could be very useful in many chroot-ish
situations.  Given the nature of the research Marco described,
though, I would expect "Bob" would want to test many programs
which are doing privileged operations.  I would think it would
be a lot of work to setup a chroot jail which could run all
those programs.

(or at least, if *I* were the "Bob" in this example, I know what
*I* would mean by "I want to research buffer overflows in setuid
programs"...)

Your changes do sound pretty interesting, though.

---
Garance Alistair Drosehn           =   gad@eclipse.its.rpi.edu
Senior Systems Programmer          or  drosih@rpi.edu
Rensselaer Polytechnic Institute

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message