From owner-freebsd-security Thu Jul 12 13: 8:52 2001 Delivered-To: freebsd-security@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id 9AB7037B403 for ; Thu, 12 Jul 2001 13:08:46 -0700 (PDT) (envelope-from ben@FreeBSD.org) Received: from strontium.shef.vinosystems.com ([192.168.91.36] ident=root) by scientia.demon.co.uk with esmtp (Exim 3.30 #1) id 15KmlP-000Hl2-00; Thu, 12 Jul 2001 21:08:43 +0100 Received: (from ben@localhost) by strontium.shef.vinosystems.com (8.11.4/8.11.4) id f6CK8hC28093; Thu, 12 Jul 2001 21:08:43 +0100 (BST) (envelope-from ben@FreeBSD.org) X-Authentication-Warning: strontium.shef.vinosystems.com: ben set sender to ben@FreeBSD.org using -f Date: Thu, 12 Jul 2001 21:08:43 +0100 From: Ben Smithurst To: Ryan Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD 4.3 local root PREVENTIONS Message-ID: <20010712210842.A26439@strontium.shef.vinosystems.com> References: <20010712162140.N17358-100000@cactus.fi.uba.ar> <000801c10b0c$0d830d10$45d8db40@mhx800> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <000801c10b0c$0d830d10$45d8db40@mhx800> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ryan wrote: > Try this > running it in a chroot SYNOPSIS #include int chroot(const char *dirname) DESCRIPTION ... This call is restricted to the super-user. A rather pointless exercise, wouldn't you say? Of course, if there's a problem with chroot() which allows non-root users to chroot somewhere, that's another matter entirely. -- Ben Smithurst / ben@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message