[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenBSD rootkit?
> On Sun, Jul 14, 2002, Jolan Luff wrote:
> > ssh -> privsep
> > apache -> chroot
> Chroot provides almost no extra security. It can be abused in many
> ways when attacker gets uid=0 inside.
Which is why they run without uid 0.
> And this is possible with a little
> help from kernel bugs.
Go on, keep talking
> Jail(2) syscall from FreeBSD provides limited environment and the
> *real* security for imprisoning processes.
Yes, that's a heck of a lot more code that can go wrong, too.