From owner-freebsd-security Fri Oct 8 14:16:33 1999 Delivered-To: freebsd-security@freebsd.org Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131]) by hub.freebsd.org (Postfix) with ESMTP id 295F314F3F for ; Fri, 8 Oct 1999 14:16:29 -0700 (PDT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.9.3/8.9.2) with ESMTP id XAA05270; Fri, 8 Oct 1999 23:15:38 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Justin Wells Cc: freebsd-security@FreeBSD.ORG Subject: Re: more on chroot: "nochroot" filesystems In-reply-to: Your message of "Fri, 08 Oct 1999 17:12:37 EDT." <19991008171237.B1618@fever.semiotek.com> Date: Fri, 08 Oct 1999 23:15:38 +0200 Message-ID: <5268.939417338@critter.freebsd.dk> From: Poul-Henning Kamp Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <19991008171237.B1618@fever.semiotek.com>, Justin Wells writes: >This defeats the "cd ../../../../../.. ; chroot ." trick, and many others. I've tried hard to plug all escapes from chroot/jail in -current. You may want to consider a back port of some of those changes. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message