Re: Buffer Overflows: A Summary
Thomas H. Ptacek (tqbf@enteract.com)
Fri, 02 May 1997 12:33:00 -0500
> Another alternative that has the advantage of already existing and being
> relatively easy to use is the chroot() system call. For example, named would
> be a much less attractive target it if chroot()ed to /etc/namedb (or whatever)
> as soon as it knew where its startup directory was. Then all named could do is
> mangle your name service files.
On almost all Unix operating systems, having superuser access in a
chroot() jail is still dangerous. In some recent revisions of 4.4BSD
operating systems, root can trivially escape chroot(), as well.
----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf@enteract.com]
----------------
"If you're so special, why aren't you dead?"