From owner-freebsd-current  Wed Dec 16 08:02:41 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA02551
          for freebsd-current-outgoing; Wed, 16 Dec 1998 08:02:41 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from server.noc.demon.net (server.noc.demon.net [193.195.224.4])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA02544
          for <current@freebsd.org>; Wed, 16 Dec 1998 08:02:37 -0800 (PST)
          (envelope-from fanf@demon.net)
Received: by server.noc.demon.net; id QAA13175; Wed, 16 Dec 1998 16:02:31 GMT
Received: from fanf.noc.demon.net(195.11.55.83) by inside.noc.demon.net via smap (3.2)
	id xma013161; Wed, 16 Dec 98 16:02:28 GMT
Received: from fanf by fanf.noc.demon.net with local (Exim 1.73 #2)
	id 0zqJU7-0000RJ-00; Wed, 16 Dec 1998 16:07:35 +0000
To: current@FreeBSD.ORG
From: Tony Finch <dot@dotat.at>
Subject: Re: modification to exec in the kernel?
Newsgroups: chiark.mail.freebsd.current
In-Reply-To: <199812151821.KAA56685@apollo.backplane.com>
Organization: Deliberate Obfuscation To Amuse Tony
References: <19981215120357.B11837@clear.co.nz> <199812142331.RAA17203@home.dragondata.com> <19981215124818.A22526@clear.co.nz> <199812150644.IAA67338@greenpeace.grondar.za> <199812150917.BAA52694@apollo.backplane.com> <19981216053701.B27078@clear.co.nz>
Message-Id: <E0zqJU7-0000RJ-00@fanf.noc.demon.net>
Date: Wed, 16 Dec 1998 16:07:35 +0000
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Matthew Dillon <dillon@apollo.backplane.com> wrote:
>
>    I don't see the point.  Let me put it this way:  If you give
>    the user a non-chrooted environment but do not give the user access
>    to any suid/sgid programs, how is this different from giving the user
>    a chroot'd environment without access to any suid/sgid programs?  The
>    only difference that I can think of is access to /tmp.  I don't see how
>    the chroot'd environment is any safer then the non-chroot'd environment.

You can throw away a lot of stuff from the chrooted environment and
still leave the system useful to the admins. AFAICT breaking root in
an environment like this is much more like trying to do so over the
network because the machine's services are only accessible in that
sort of way.

This does assume the integrity of the kernel, though.

Tony.
-- 
   dxoigmn**f.a.n.finch
     fanf@demon.net
                                    dot@dotat.at

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message