Xref: utzoo news.admin:4120 news.sysadmin:1745 comp.mail.uucp:2400
Path: utzoo!utgpu!watmath!clyde!att!chinet!les
From: les@chinet.chi.il.us (Leslie Mikesell)
Newsgroups: news.admin,news.sysadmin,comp.mail.uucp
Subject: Re: Dangerous hole in Usenet!
Message-ID: <7038@chinet.chi.il.us>
Date: 30 Nov 88 15:53:19 GMT
References: <1971@van-bc.UUCP> <572@comdesign.CDI.COM> <5517@medusa.cs.purdue.edu> <561@redsox.UUCP> <215@twwells.uucp> <155@ecicrl.UUCP> <8219@bloom-beacon.MIT.EDU>
Reply-To: les@chinet.chi.il.us (Leslie Mikesell)
Organization: Chinet - Public Access Unix
Lines: 9

In article <8219@bloom-beacon.MIT.EDU> tytso@athena.mit.edu (Theodore Y. Ts'o) writes:
[method of using a setuid chroot to modify /etc/passwd deleted]

OK, how about a setuid chroot that checks that either:
  A) the new root is not on the same fs as /
or
  B) the new root contains etc and bin directories that are not
     writable by the real uid.

Les Mikesell