From owner-freebsd-security Tue Dec 22 10:58:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA02987 for freebsd-security-outgoing; Tue, 22 Dec 1998 10:58:55 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from escape.rtsnet.ru (escape.rtsnet.ru [194.247.132.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA02960 for ; Tue, 22 Dec 1998 10:58:49 -0800 (PST) (envelope-from igor@zynaps.ru) Received: from vulcan.rtsnet.ru (vulcan.rtsnet.ru [172.16.4.33]) by escape.rtsnet.ru (8.9.1a/8.9.1/Zynaps) with ESMTP id VAA21500 for ; Tue, 22 Dec 1998 21:58:43 +0300 (MSK) (envelope-from igor@zynaps.ru) Received: (from igor@localhost) by vulcan.rtsnet.ru (8.8.8/8.8.8/Zynaps) id VAA06660 for freebsd-security@freebsd.org; Tue, 22 Dec 1998 21:58:43 +0300 (MSK) (envelope-from igor) Message-ID: <19981222215843.A6647@rtsnet.ru> Date: Tue, 22 Dec 1998 21:58:43 +0300 From: Igor Vinokurov To: freebsd-security@FreeBSD.ORG Subject: Re: About chroot Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dag-Erling Smorgrav write: > > Are there any way to change back to the / , when logged in chroot-ed > > environment? > > Break root, create a device node for kmem, open it, edit your process > structure. Or something like that. Won't work unless there are > exploitable suid binaries available, but I'm sure there are other, > subtler ways. BTW, which devices absolutely needed for chrooted environment? Now I create these: fd/, null, pty*, stdin, stderr, stdout, tty*, zero... -- Igor Vinokurov To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message