Date: Sun, 16 Aug 1998 02:08:46 -0600 From: Warner Losh <imp@village.org> To: Philippe Regnauld <regnauld@deepo.prosa.dk> Cc: rotel@indigo.ie, freebsd-security@FreeBSD.ORG Subject: Re: Fwd: "Using capabilties aaginst shell code" <dps@IO.STARGATE.CO.UK> Message-ID: <199808160808.CAA15120@harmony.village.org> In-Reply-To: Your message of "Sat, 15 Aug 1998 13:13:09 %2B0200." <19980815131309.14782@deepo.prosa.dk> References: <19980815131309.14782@deepo.prosa.dk> <19980814123240.63855@deepo.prosa.dk> <199808142212.XAA01134@indigo.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <19980815131309.14782@deepo.prosa.dk> Philippe Regnauld writes: : What do you call "making chroot secure" ? I'd say not being able to access or make raw device nodes, should you get root, not being able to bust out of the chroot jail with some clever chdiring, the ability to create "secure" (low port) sockets and likely several other holes that I'm forgetting at the moment. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808160808.CAA15120>