Vulnerability Development mailing list archives
Re: OT? Are chroots immune to buffer overflows?
From: Jose Nazario <jose () monkey org>
Date: Wed, 22 May 2002 13:50:49 -0400 (EDT)
chroot() and jail() cells are not perfect. while you have reduced the number of moving parts, parts vulnerable to buffer overflows, you are still going to have some code that is quite possibly exploitable, via an {buffer|stack|heap} overflow, a format string exploit, configuration issue, what have you. accept this as fact. it is, after all, why you put the code in the restricted environment, to minimize the damage that will come when it is abused. getting out of such an environment is well documented. here are some great pages on the subject: http://www.bpfh.net/simes/computing/chroot-break.html http://lists.jammed.com/pen-test/2001/07/0134.html http://www.linuxsecurity.com/feature_stories/feature_story-99.html http://www.linuxgazette.com/issue30/tag_chroot.html http://archives.neohapsis.com/archives/nfr-wizards/1997/11/0091.html http://lsd-pl.net/papers.html search packetstormsecurity.org, etc ... its not perfect, but well done its a severe impediment to abusing the system outright. ___________________________ jose nazario, ph.d. jose () monkey org http://www.monkey.org/~jose/
Current thread:
- OT? Are chroots immune to buffer overflows? Jason Haar (May 21)
- Re: OT? Are chroots immune to buffer overflows? SpaceWalker (May 22)
- Re: OT? Are chroots immune to buffer overflows? Luciano Miguel Ferreira Rocha (May 23)
- Re: OT? Are chroots immune to buffer overflows? Nelson Sampaio Araujo Junior (May 24)
- Re: OT? Are chroots immune to buffer overflows? aazubel (May 23)
- Re: OT? Are chroots immune to buffer overflows? Luciano Miguel Ferreira Rocha (May 23)
- Re: OT? Are chroots immune to buffer overflows? Valdis . Kletnieks (May 22)
- Re: OT? Are chroots immune to buffer overflows? Kalle Andersson (May 22)
- Re: OT? Are chroots immune to buffer overflows? KF (May 23)
- Re: OT? Are chroots immune to buffer overflows? Edwin Groothuis (May 22)
- Re: OT? Are chroots immune to buffer overflows? Jose Nazario (May 23)
- Re: OT? Are chroots immune to buffer overflows? Kurt Seifried (May 23)
- Re: OT? Are chroots immune to buffer overflows? Berend De Schouwer (May 22)
- Re: OT? Are chroots immune to buffer overflows? L. Walker (May 22)
- Re: OT? Are chroots immune to buffer overflows? Jan Werner (May 23)
- Re: OT? Are chroots immune to buffer overflows? Greg Hunt (May 23)
- Re: OT? Are chroots immune to buffer overflows? Birger Toedtmann (May 22)
- Re: OT? Are chroots immune to buffer overflows? sd (May 22)
- Re: OT? Are chroots immune to buffer overflows? Andreas Ferber (May 22)
- Re: OT? Are chroots immune to buffer overflows? jove (May 23)
- Re: OT? Are chroots immune to buffer overflows? Dave Ahmad (May 23)
(Thread continues...)
- Re: OT? Are chroots immune to buffer overflows? SpaceWalker (May 22)