Date: Sat, 30 Sep 2000 18:45:51 -0700 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: "Brian F. Feldman" <green@FreeBSD.ORG>, Mike Silbersack <silby@silby.com>, security@FreeBSD.ORG Subject: Re: cvs commit: ports/mail/pine4 Makefile (fwd) Message-ID: <200010010146.e911kSk03262@cwsys.cwsent.com> In-Reply-To: Your message of "Sat, 30 Sep 2000 18:34:06 EDT." <Pine.NEB.3.96L.1000930183027.44353A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.NEB.3.96L.1000930183027.44353A-100000@fledge.watson.org >, Robe rt Watson writes: > > Using only chroot() and the ability to execute arbitrary code, it is easy > to break out of a user-initiated sandbox if any processes owned by the > same user are present outside of the sandbox. The last time I tried the chroot() breakout code under FreeBSD-4 it didn't work. I assume that someone had fixed FreeBSD. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010010146.e911kSk03262>