[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenBSD rootkit?
On Sun, Jul 14, 2002 at 11:44:25AM +0200, Przemyslaw Frasunek wrote:
> On Sun, Jul 14, 2002, Jolan Luff wrote:
> > ssh -> privsep
> > apache -> chroot
> Chroot provides almost no extra security. It can be abused in many
> ways when attacker gets uid=0 inside. And this is possible with a little
> help from kernel bugs.
what about actually checking what we've done with apache before rumbling.
httpd does not only chroot but drops permissions too now.
- Apache Chroot
- From: "Randall Augustus Alexander" <email@example.com>