Date: Tue, 27 May 1997 23:38:12 +0200 From: Peter Korsten <peter@grendel.IAEhv.nl> To: Terry Lambert <terry@lambert.org> Cc: hackers@FreeBSD.ORG Subject: Re: Correct way to chroot for shell account users? Message-ID: <19970527233812.31278@hw.nl> In-Reply-To: <199705271616.JAA15356@phaeton.artisoft.com>; from Terry Lambert on Tue, May 27, 1997 at 09:16:05AM -0700 References: <19970526233013.13944@hw.nl> <199705271616.JAA15356@phaeton.artisoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Terry Lambert shared with us: > > > > I don't think you can build a real shell (like sh or csh) and have > > it run safely inside a chroot environment. Someone (as a matter of > > fact, the FreeBSD security officer :) ) showed me how to break out > > of a chroot environment with a simple 'ln' or something like that. > > Actually, this problem has to do with namei() and the use of NULL > to indicate a non-chroot struct file * for the current directory > for the process. No, it really was with some simple /bin commands. No structures or null pointers were mentoined. > I've complained about this before. No kidding. :) - Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970527233812.31278>