Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site whuxlb.UUCP Path: utzoo!linus!philabs!seismo!harpo!floyd!whuxlb!mash From: mash@whuxlb.UUCP Newsgroups: net.unix-wizards Subject: Re: chroot() Message-ID: <1229@whuxlb.UUCP> Date: Fri, 15-Jul-83 23:22:28 EDT Article-I.D.: whuxlb.1229 Posted: Fri Jul 15 23:22:28 1983 Date-Received: Sat, 16-Jul-83 05:27:03 EDT Organization: Bell Labs, Whippany Lines: 8 chroot() must be protected lest programs that trust the sanctity of certain files (/like /etc/passwd) be faked out by dummies: 1) create a small directory structure with a dummy /etc/passwd 2) make a copy of /bin/su & /bin/sh where they can be gotten. 3) chroot 4) su, then make the copy of sh setuid-root for later use. [sad tosay, many systems have readable setuid-root pgms lying around]. -mashey