[scponly] danger of allowing -e in rsync ?
Daniel Webb
lists at danielwebb.us
Wed Apr 5 00:28:56 EDT 2006

On Sat, Mar 25, 2006 at 06:59:58PM +0100, Lupe Christoph wrote:
> On Friday, 2006-03-24 at 07:51:50 +0100, Sven Hoexter wrote:
>
> > Well from time to time someone has found a way to break out of a chroot.
> > So it might be possible that someone uploads his personal break-out-of-chroot
> > program and executes it and is out.
>
> The cracker needs to be able to exploit a vulnerability to become root.
> POSIX prescribes that root *must* be able to escape a chroot.

That's what I thought. So a scponly configure option for no command
limitations in the chroot case would be a problem assuming an attacker has a
local root exploit using the access they have in the chroot only. I'd think
that's an acceptable risk for a lot of applications.