[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: chroot ssh users

To: "'Hannah Schroeter'" <hannah_(_at_)_schlund_(_dot_)_de>, <misc_(_at_)_openbsd_(_dot_)_org>
Subject: Re: chroot ssh users
From: "Dom De Vitto" <dom_(_at_)_DeVitto_(_dot_)_com>
Date: Sun, 19 Jan 2003 14:00:29 -0000
Organization: Secure Technologies Ltd.

Because they will have permissions to modify permissions and
create files in that directory, and any below it.

Consequently they can scp other binaries into the jail, and start
doing things (running servers, resource attacks etc) that the admin
didn't want.

Dom
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dom De Vitto                                       Tel. 07855 805 271
http://www.devitto.com                         mailto:dom_(_at_)_devitto_(_dot_)_com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 


-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf
Of Hannah Schroeter
Sent: Sunday, January 19, 2003 12:53 PM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: chroot ssh users


Hello!

On Sun, Jan 19, 2003 at 11:34:21AM +0100, Markus Friedl wrote:
>On Sat, Jan 18, 2003 at 08:35:18PM -0500, Telent wrote:
>> /usr/bin/sudo /usr/sbin/chroot $HOME /bin/csh

>chroot to a directory owned by the user is dangerous.

Now I'm curious: Why?

Kind regards,

Hannah.

References:
- Re: chroot ssh users
  - From: Hannah Schroeter

Prev by Date: RAIDframe and softupdates, boot time after a crash
Next by Date: Re: chroot ssh users
Previous by thread: Re: chroot ssh users
Next by thread: Re: chroot ssh users
Index(es):
- Date
- Thread

Visit your host, monkey.org