From owner-freebsd-security  Sun Nov  3 12:26:55 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id MAA20008
          for security-outgoing; Sun, 3 Nov 1996 12:26:55 -0800 (PST)
Received: from scanner.worldgate.com (scanner.worldgate.com [198.161.84.3])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id MAA20001
          for <freebsd-security@FreeBSD.org>; Sun, 3 Nov 1996 12:26:42 -0800 (PST)
Received: from znep.com (uucp@localhost) by scanner.worldgate.com (8.7.5/8.7.3) with UUCP id NAA06180; Sun, 3 Nov 1996 13:25:25 -0700 (MST)
Received: from localhost (marcs@localhost) by alive.ampr.ab.ca (8.7.5/8.7.3) with SMTP id NAA05850; Sun, 3 Nov 1996 13:23:15 -0700 (MST)
Date: Sun, 3 Nov 1996 13:23:14 -0700 (MST)
From: Marc Slemko <marcs@znep.com>
X-Sender: marcs@alive.ampr.ab.ca
To: Dev Chanchani <dev@trifecta.com>
cc: freebsd-security@FreeBSD.org
Subject: Re: chroot() security
In-Reply-To: <Pine.BSF.3.91.961103150038.3636A-100000@www.trifecta.com>
Message-ID: <Pine.BSF.3.95.961103132042.4239G-100000@alive.ampr.ab.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

Check your ptys, ie. /dev/ttyp*.  Be sure you have enough of them created
in the chrooted /dev/.  It may want an /etc/ttys too.

When all else fails, do something like add a sleep in there before the
telnetd is run and then do a ktrace -i on the process and see what it
tries to open just before it dies.

On Sun, 3 Nov 1996, Dev Chanchani wrote:

> > telnetd@192.168.0.1 : \
> > 	.example.com : \
> > 	rfc931 : severity auth.info : \
> > 	twist = /usr/sbin/chroot /directory/to/chroot/to /usr/libexec/telnetd
> 
> Trying this method, I am getting the error telnetd: all network ports in 
> use.
> 
> I am sure all network ports are not in use :)
> 
> any ideas?
> 
> Thanks in advance.
>