From owner-freebsd-current  Tue Dec 15 01:18:24 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id BAA05802
          for freebsd-current-outgoing; Tue, 15 Dec 1998 01:18:24 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA05797
          for <freebsd-current@FreeBSD.ORG>; Tue, 15 Dec 1998 01:18:23 -0800 (PST)
          (envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.1/8.9.1) id BAA52694;
	Tue, 15 Dec 1998 01:17:45 -0800 (PST)
	(envelope-from dillon)
Date: Tue, 15 Dec 1998 01:17:45 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <199812150917.BAA52694@apollo.backplane.com>
To: Mark Murray <mark@grondar.za>
Cc: Joe Abley <jabley@clear.co.nz>, Kevin Day <toasty@home.dragondata.com>,
        freebsd-current@FreeBSD.ORG
Subject: Re: modification to exec in the kernel? 
References: <19981215120357.B11837@clear.co.nz> <199812142331.RAA17203@home.dragondata.com>   <19981215124818.A22526@clear.co.nz>  <199812150644.IAA67338@greenpeace.grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


:Joe Abley wrote:
:> I looked at that; however, remember the users will have chrooted access
:> to their directories, and within the chrooted tree will be /usr and
:> descendants containing controlled binaries (owned by someone else, e.g.
:> "root") like perl, awk, sh, etc.
:
:Your security model is flawed. A user can do anything she wants
:(justabout) with shellscript and perl. Picking on compiled binaries
:is not going to make you that much safer.
:
:M

    I think a chroot'd environment can be even *more* dangerous then a 
    non-chroot'd environment because critical system configuration files
    will be missing and potentially creatable by the user - if the
    chroot'd environment is based in a user-owned directory and you've
    installed any suid or sgid system binaries, you have an extremely
    serious security hole on your hands.

						-Matt

:--
:Mark Murray
:Join the anti-SPAM movement: http://www.cauce.org
:
:To Unsubscribe: send mail to majordomo@FreeBSD.org
:with "unsubscribe freebsd-current" in the body of the message
:

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
                    Communications & God knows what else.
    <dillon@backplane.com> (Please include original email in any response)    

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message