Vulnerability Development mailing list archives
Re: OT? Are chroots immune to buffer overflows?
From: "L. Walker" <k_aneda () yahoo com>
Date: Wed, 22 May 2002 20:06:02 +1000 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 22 May 2002, Jason Haar wrote:
[note: my question is WRT non-root chrooted jails - we all know about chroot'ing root processes!] Most buffer overflows I've seen attempt to infiltrate the system enough to run /bin/sh. In chroot'ed environments, /bin/sh doesn't (shouldn't!) exist - so they fail. Is it as simple as that? As 99.999% of the system binaries aren't available in the jail, can a buffer overflow ever work?
I've heard of shellcode that supposedly jumps out of the chroot jail, but it's probably been fixed now (whatever bug in chroot the shellcode exploited). The buffer overflow would work (it'd overflow the buffer yes) but as to whether you'd get a shell, probably not... Unless someone dropped a bash shell in there :) - -- L. Walker NOTICE: By spamming this account or scanning the IP address that this message was sent from, you consent to a free and unrestricted security audit. - -- If one wants to be a policeman, one must learn how to be a thief. - -- That's why we spend so much time trying to understand our own motivations and those of others. That's what makes life so interesting. Kaji, Evangelion Ep 18 - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8622SBJ6saYuOFLgRAoUjAJ97DeNdUA7fyVtkQg13oGCWYO0RNACeOSTE GzkLksO3vul++CPK3gL0M/U= =7FYs -----END PGP SIGNATURE-----
Current thread:
- Re: OT? Are chroots immune to buffer overflows?, (continued)
- Re: OT? Are chroots immune to buffer overflows? Luciano Miguel Ferreira Rocha (May 23)
- Re: OT? Are chroots immune to buffer overflows? Nelson Sampaio Araujo Junior (May 24)
- Re: OT? Are chroots immune to buffer overflows? aazubel (May 23)
- Re: OT? Are chroots immune to buffer overflows? Luciano Miguel Ferreira Rocha (May 23)
- Re: OT? Are chroots immune to buffer overflows? Valdis . Kletnieks (May 22)
- Re: OT? Are chroots immune to buffer overflows? Kalle Andersson (May 22)
- Re: OT? Are chroots immune to buffer overflows? KF (May 23)
- Re: OT? Are chroots immune to buffer overflows? Edwin Groothuis (May 22)
- Re: OT? Are chroots immune to buffer overflows? Jose Nazario (May 23)
- Re: OT? Are chroots immune to buffer overflows? Kurt Seifried (May 23)
- Re: OT? Are chroots immune to buffer overflows? Berend De Schouwer (May 22)
- Re: OT? Are chroots immune to buffer overflows? L. Walker (May 22)
- Re: OT? Are chroots immune to buffer overflows? Jan Werner (May 23)
- Re: OT? Are chroots immune to buffer overflows? Greg Hunt (May 23)
- Re: OT? Are chroots immune to buffer overflows? Birger Toedtmann (May 22)
- Re: OT? Are chroots immune to buffer overflows? sd (May 22)
- Re: OT? Are chroots immune to buffer overflows? Andreas Ferber (May 22)
- Re: OT? Are chroots immune to buffer overflows? jove (May 23)
- Re: OT? Are chroots immune to buffer overflows? Dave Ahmad (May 23)
- Message not available
- Re: OT? Are chroots immune to buffer overflows? Jason Haar (May 23)
- Re: OT? Are chroots immune to buffer overflows? dev-null (May 22)
- RE: OT? Are chroots immune to buffer overflows? Stuart Adamson (May 22)