On Fri, Jul 17, 1998 at 11:30:32AM +0300, Cougar wrote:
> What this chroot gives You? Actually this is protection against simple
> exec("/bin/sh") but every cracker may put chroot("/") before this and all
> the protection is destroyed.
>
> [mod: It is slightly less trivial than 'chroot("/")', but if you can
> execute arbitrary code as root, you can break out of the chrooted
> environment. --REW]
>
Yes, but at least the lastest version of bind has the option to drop
root prevs after opening the socket.
> My idea is to run named non-root UID/GID. As named needs to bind port 53
> which is below 1024 there are problem to execute it. One solution is to
> rewrite named code (like httpd) another is to make the hole into the
> kernel. Both are nonstandard solutions. There are also possible to use
> some portwrapper/redir. Does anyone use some of these?
You can use the kernel firewall for this, but in this case, has in
most cases, there is no need.
--
Filipe Marques de Almeida
--
Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
