Re: Linux proc exploit

Rogier Wolff (R.E.Wolff@BitWizard.nl)
Wed, 26 Nov 1997 19:25:38 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Petr Vandrovec Ing. VTEI: "Mysterious UDP sockets in 2.0.32"
Previous message: Chris Evans: "Re: [sx]quake still segfaults with 2.0.32 and MMX pentium"
In reply to: D.P.Simpson@ecs.soton.ac.uk: "Linux proc exploit"

D.P.Simpson@ecs.soton.ac.uk wrote:
>
> Linux has a vulnerability in the proc filing system: it can be used
> by root to escape from chroot() areas.

Any "root" user inside a chrooted environment is also root on the
whole machine. The intent of a chrooted environment is that those
confined to that "jail" don't have the holes available to become root.

Roger.

-- 
** R.E.Wolff@BitWizard.nl ** +31-15-2137555 ** http://www.BitWizard.nl/ **
Florida -- A 39 year old construction worker woke up this morning when a
109-car freight train drove over him. According to the police the man was 
drunk. The man himself claims he slipped while walking the dog. 080897

Next message: Petr Vandrovec Ing. VTEI: "Mysterious UDP sockets in 2.0.32"
Previous message: Chris Evans: "Re: [sx]quake still segfaults with 2.0.32 and MMX pentium"
In reply to: D.P.Simpson@ecs.soton.ac.uk: "Linux proc exploit"