[scponly] danger of allowing -e in rsync ?
lupe at lupe-christoph.de
Sat Mar 25 12:59:58 EST 2006
On Friday, 2006-03-24 at 07:51:50 +0100, Sven Hoexter wrote:
> Well from time to time someone has found a way to brake out of a chroot.
> So it might be possible that someone uploads his personal brake-out-of-chroot
> program and executes it and is out.
The cracker needs to be able to exploit a vulnerability to become root.
POSIX prescribes that root *must* be able to escape a chroot.
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing that has 270,000 moving parts built by the lowest |
| bidder. Makes you feel good, doesn't it? |
| Rockhound in "Armageddon", 1998, about the Space Shuttle |
More information about the scponly