[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: Root password change

To: "'full-disclosure@xxxxxxxxxxxxxxxxx'" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Re: Root password change
From: Chris Adams <cmadams@xxxxxxxxxx>
Date: Thu, 30 Mar 2006 13:35:37 -0600

Once upon a time, Michael Holstein <michael.holstein@xxxxxxxxxxx> said:
> if you're chrooted under /tmp (as it sounds from your email) you're out 
> of luck, unless you have a way to escape the chroot due to a 
> misconfiguration of that environment in the first place.

If you are root, chroot is easy to break (that's why chroot is not
secure for root-owned processes).

-- 
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Root password change
  - From: Mockbee, Tom
- Re: [Full-disclosure] Root password change
  - From: Michael Holstein

Prev by Date: [Full-disclosure] Re: Re: ExplorerXP : Directory Traversal and CrossSiteScripting
Next by Date: RE: [Full-disclosure] Strange interactions between tunnelling and SMBunder the proprietary Microsoft Windows environment
Previous by thread: Re: [Full-disclosure] Root password change
Next by thread: Re: [Full-disclosure] Root password change
Index(es):
- Date
- Thread