search for: sleemburg

Hi Damien, Thank you. I read the rationale. Just to summarize, a user writeable chroot target is considered dangerous if: 1) the user has another way of gaining non-chrooted access to the system 2) is able to create hardlinks to setuid-binaries outside of the chroot tree 3) there are bugs somewhere that allow privilige escalation or remote execution of other programs While all these

Also with an vfb line in the config things go wrong. In fact everywhere where posixpath.py functions get called without a valid actual parameter, it will crash as there will be no rfind method available. Personally, I think the posixpath.py should validate it's input and that that should be fixed. Kind regards, Stephan

Hello, Is there any security reason why the last component of a chroot path is required to be owned by root and not by the user that is chroot-ed into that path? I have tried to think of a reason, but cannot find any except for when several accounts are chrooted into the same directory. But if that is not the case, then, is there any security consideration? If not, then it seems to me that

I did not find any clues when 'googling' and could not find any search options on the archives. So, your answer does really not help. If you can help me with some reference, then it is highly appreciated. I would like to understand the rationaly. Not why 'it is just like it is'. No, why. What is the reasoning behind it. I speak Dutch, English, some Japanese and C. So, I can