Re: Buffer Overflows: A Summary

Thomas H. Ptacek (tqbf@enteract.com)
Fri, 02 May 1997 12:33:00 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tommy Marcus McGuire: "Re: Buffer Overflows: A Summary"
Previous message: Andrew Snare: "Re: Digital UNIX/Irix mesg problem"
Maybe in reply to: Aleph One: "Buffer Overflows: A Summary"
Next in thread: Tommy Marcus McGuire: "Re: Buffer Overflows: A Summary"

> Another alternative that has the advantage of already existing and being
> relatively easy to use is the chroot() system call. For example, named would
> be a much less attractive target it if chroot()ed to /etc/namedb (or whatever)
> as soon as it knew where its startup directory was. Then all named could do is
> mangle your name service files.

On almost all Unix operating systems, having superuser access in a
chroot() jail is still dangerous. In some recent revisions of 4.4BSD
operating systems, root can trivially escape chroot(), as well.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"

Next message: Tommy Marcus McGuire: "Re: Buffer Overflows: A Summary"
Previous message: Andrew Snare: "Re: Digital UNIX/Irix mesg problem"
Maybe in reply to: Aleph One: "Buffer Overflows: A Summary"
Next in thread: Tommy Marcus McGuire: "Re: Buffer Overflows: A Summary"