Firewall Wizards mailing list archives
Re: chroot useful?
From: mcnabb () argus-systems com (Paul McNabb)
Date: Mon, 17 Nov 1997 13:54:26 -0600
From: Darren Reed <darrenr () cyber com au> I think that the approach being described here is good for chroot'd environments and maybe that's all. Out in the big bad world of Unix, if I have "uid 0" and I can use cron/crontab, what does it matter if I can or can't open /dev/kmem myself ? The cron daemon is not very likely to have any restrictions placed upon it and neither is there any standard transferral of priviledges you (no longer) have. If I could mention that yucky Orange Book for a second, were the data labelled going into cron/crontab and those programs recognised those labels, then perhaps the confinment would be worthwhile.
I would hope that any B-level system out there would extend the labeling and privileges to the cron/at subsystem. All the ones I have seen do. paul --------------------------------------------------------- Paul McNabb Argus Systems Group, Inc. Vice President and CTO 1809 Woodfield Drive mcnabb () argus-systems com Savoy, IL 61874 USA TEL 217-355-6308 FAX 217-355-1433 "Securing the Future" ---------------------------------------------------------
Current thread:
- Re: chroot useful?, (continued)
- Re: chroot useful? Aleph One (Nov 17)
- syscall wrappers (was Re: chroot useful?) Bennett Todd (Nov 17)
- Re: syscall wrappers (was Re: chroot useful?) George Ross (Nov 20)
- RE: chroot useful? Y. W. Ko (Nov 16)
- Re: chroot useful? Anton J Aylward (Nov 17)
- Re: chroot useful? Darren Reed (Nov 20)
- Firewalling DCOM and brethren David C Niemi (Nov 21)
- Re: Firewalling DCOM and brethren Magossa'nyi A'rpa'd (Nov 21)
- Re: chroot useful? Darren Reed (Nov 20)
- Re: chroot useful? Anton J Aylward (Nov 17)
- RE: chroot useful? Joseph Judge (Nov 17)
- Re: chroot useful? Paul McNabb (Nov 17)
- Re: chroot useful? Paul McNabb (Nov 17)
- Re: chroot useful? C. Harald Koch (Nov 20)
- Re: chroot useful? Anton J Aylward (Nov 20)
- Re: chroot useful? chuck yerkes (Nov 21)
- Re: chroot useful? Adam Shostack (Nov 21)
- Re: chroot useful? chuck yerkes (Nov 21)
- Re: chroot useful? Paul McNabb (Nov 20)
- Re: chroot useful? Colin Campbell (Nov 21)
- Small code (was Re: chroot useful?) chuck yerkes (Nov 23)
- Re: chroot useful? Colin Campbell (Nov 21)
- Re: chroot useful? Anton J Aylward (Nov 21)