Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!philabs!seismo!hao!hplabs!sri-unix!MCLINDEN@RUTGERS.ARPA
From: MCLINDEN@RUTGERS.ARPA
Newsgroups: net.unix-wizards
Subject: Re: Security - suggested hack using chroot
Message-ID: <2829@sri-arpa.UUCP>
Date: Wed, 6-Jul-83 20:47:23 EDT
Article-I.D.: sri-arpa.2829
Posted: Wed Jul  6 20:47:23 1983
Date-Received: Mon, 11-Jul-83 00:13:37 EDT
Lines: 23

From:  Sean McLinden 


 Andy:

 I don't know about version 7 Unix, but the situation I suggested
 has little to do with what is linked to what. The simple fact is
 that if you chroot to "/usr/guest" for example, then "/" is
 equivalent to "/usr/guest", there is NO "/usr", or rather, if
 there is a "/usr" it would (in reality), be "/usr/guest/usr".
 The prefixing slash in any pathname is, in fact, an abbreviation
 for the root directory (whatever it happens to be). Insofar as
 any program you might want to write goes, you can't backup
 over that link, even if it does exist. I suggest you retry the
 problem only this time make sure it does a setuid "root" (it
 obviously won't work, otherwise).

 By the way, this isn't just speculation. I've done it.

 The bubble is in your court.

 Sean
-------