[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD rootkit?

To: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
Subject: Re: OpenBSD rootkit?
From: Artur Grabowski <art@blahonga.org>
Date: 14 Jul 2002 14:59:29 +0200
Cc: Jolan Luff <jolan@enteract.com>, tech@openbsd.org
References: <20020714162911.H869@tigerteam.net> <Pine.BSF.4.32L2.0207140408110.42129-100000@shell-3.enteract.com> <20020714094425.GA48873@lagoon.freebsd.lublin.pl>
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Przemyslaw Frasunek <venglin@freebsd.lublin.pl> writes:

> On Sun, Jul 14, 2002, Jolan Luff wrote:
> > ssh -> privsep
> > apache -> chroot
> 
> Chroot provides almost no extra security. It can be abused in many
> ways when attacker gets uid=0 inside.

So don't allow the attacker to get uid=0 inside.

> And this is possible with a little help from kernel bugs. 

Getting uid 0 inside the chroot? Why haven't you reported those bugs?

//art

References:
- Re: OpenBSD rootkit?
  - From: Fyodor <fygrave@tigerteam.net>
- Re: OpenBSD rootkit?
  - From: Jolan Luff <jolan@enteract.com>
- Re: OpenBSD rootkit?
  - From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>

Prev by Date: Re: OpenBSD rootkit?
Next by Date: Re: OpenBSD rootkit?
Prev by thread: Re: Apache Chroot
Next by thread: Re: OpenBSD rootkit?
Index(es):
- Date
- Thread