[scponly] danger of allowing -e in rsync ?
Sven Hoexter
sven at timegate.de
Fri Mar 24 01:51:50 EST 2006
On Thu, Mar 23, 2006 at 12:17:48PM -0700, Daniel Webb wrote:
> On Wed, Mar 22, 2006 at 08:03:18PM -0500, Ensel Sharon wrote:
>
> > I am using scponlyc in a chroot. If I simply edit scponly.c and remove
> > the -e restriction on rsync, doesn't the chroot limit the potential
> > attacker to only those commands that are in the chroot ?
> >
> > How bad of an idea would it be to do this, while I am waiting for these
> > fixes ?
>
> I was wondering the same thing. Even more generally, how bad would it be to
> have a compile-time option to just disable argument checking for the chroot
> case?
>
> Since I have no shell or anything else dangerous in the chroot, can anyone
> posit a worst-case scenario with argument-checking disabled?
Well from time to time someone has found a way to brake out of a chroot.
So it might be possible that someone uploads his personal brake-out-of-chroot
program and executes it and is out.
Sven
--
If God passed a mic to me to speak
I'd say stay in bed, world
Sleep in peace
[The Cardigans - 03:45: No sleep]
More information about the scponly
mailing list