[ On Sunday, August 6, 2000 at 18:47:33 (-0400), Justin Wells wrote: ]
> Subject: Re: cvs-nserver and latest CVS advisory (Was: patch to make CVS chroot)
>
>
> The --chroot flag also significantly reduces the risk here as well. Only
> those executables you place into the chroot area are available for use. If
> you don't need scripts in your CVS installation you could also do without
> having any binaries at all--you could even place the chroot root in on
> a mount point that does not permit executable programs.
>
> In order to break in with the --chroot flag in place you have to smash
> the stack somehow prior to CVS dropping root privileges. After it's
> dropped privileges, it doesn't matter whether or not you can execute
> external programs:
>
> -- You can't write anything outside of the CVS area
> -- The chroot area may not permit executable programs
If someone breaks your hacked chroot patch they will, by your design,
have superuser privileges, at which point chroot is meaningless because
anyone capable of doing the first crack will snuff your chroot in mere
seconds and you'll be so fubared that you might not even be able to
detect any problem for weeks, months, or even years! Read Phrack#54,
for an example of how they can hide from you indefinitely. In fact it's
practically script-kiddie fodder by now.....
Please learn to leave authentication and authorisation to the experts!
--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
f
