[scponly] danger of allowing -e in rsync ?

Lupe Christoph lupe at lupe-christoph.de
Sat Mar 25 12:59:58 EST 2006

On Friday, 2006-03-24 at 07:51:50 +0100, Sven Hoexter wrote:

> Well from time to time someone has found a way to brake out of a chroot.
> So it might be possible that someone uploads his personal brake-out-of-chroot
> program and executes it and is out.

The cracker needs to be able to exploit a vulnerability to become root.
POSIX prescribes that root *must* be able to escape a chroot.

Lupe Christoph
| You know we're sitting on four million pounds of fuel, one nuclear     |
| weapon and a thing that has 270,000 moving parts built by the lowest   |
| bidder. Makes you feel good, doesn't it?                               |
| Rockhound in "Armageddon", 1998, about the Space Shuttle               |

More information about the scponly mailing list