Date: 16 Nov 1998 22:30:19 -0600 From: Joel Ray Holveck <joelh@gnu.org> To: Mike Smith <mike@smith.net.au> Cc: Harold Gutch <logix@foobar.franken.de>, zhihuizhang <bf20761@binghamton.edu>, hackers <freebsd-hackers@FreeBSD.ORG> Subject: Re: Question on chroot() Message-ID: <86sofjym90.fsf@detlev.UUCP> In-Reply-To: Mike Smith's message of "Sun, 15 Nov 1998 12:56:03 -0800" References: <199811152056.MAA14163@dingo.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>> Breaking out of a chroot'ed environment is less easy if you're not >>> root >> Is this meant to be read as "more or less impossible", that is, >> impossible unless the user can become root first (due to insecure >> suid-root binaries in the chroot-environment etc.), or can users >> really break out in more or less every situation (of course >> assuming stuff like that they don't have any open filehandles >> pointing to the outside in the beginning). > It's quite difficult to break out of a chroot'ed environment, yes, and > it's intended to be impossible, so obviously you can only get out > through flaws in the implementation... You can read the archives for info on this, either in -current or -hackers, I don't recall which. Terry frequently mentions that it is trivial to break out of a chroot environment, and that he had posted specifics at some point. Happy hacking, joelh -- Joel Ray Holveck - joelh@gnu.org Fourth law of programming: Anything that can go wrong wi sendmail: segmentation violation - core dumped To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86sofjym90.fsf>