[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenBSD rootkit?
Przemyslaw Frasunek <email@example.com> writes:
> On Sun, Jul 14, 2002, Jolan Luff wrote:
> > ssh -> privsep
> > apache -> chroot
> Chroot provides almost no extra security. It can be abused in many
> ways when attacker gets uid=0 inside.
So don't allow the attacker to get uid=0 inside.
> And this is possible with a little help from kernel bugs.
Getting uid 0 inside the chroot? Why haven't you reported those bugs?