Xref: utzoo news.admin:4161 news.sysadmin:1799 comp.mail.uucp:2444
Path: utzoo!utgpu!watmath!clyde!att!pacbell!ames!amdahl!uunet!mcvax!ukc!stl!stc!datlog!dlhpedg!cl
From: cl@datlog.co.uk (Charles Lambert)
Newsgroups: news.admin,news.sysadmin,comp.mail.uucp
Subject: Security of chroot() (was: Dangerous hole in Usenet)
Message-ID: <945@dlhpedg.co.uk>
Date: 2 Dec 88 08:11:01 GMT
References: <1971@van-bc.UUCP> <572@comdesign.CDI.COM> <5517@medusa.cs.purdue.edu> <155@ecicrl.UUCP> <172@jetson.UPMA.MD.US>
Sender: news@dlhpedg.co.uk
Reply-To: cl@datlog.co.uk (Charles Lambert)
Organization: FSD@Data Logic Ltd, Queens House, Greenhill Way, Harrow, London.
Lines: 10

In article <172@jetson.UPMA.MD.US> john@jetson.UPMA.MD.US (John Owens) writes:
>In other words, chroot allows you to fool privileged programs that
>rely on files with particular pathnames (/etc/passwd, /etc/group,
>/etc/hosts.equiv, /usr/lib/sendmail.cf, /usr/lib/aliases, etc.).

Good grief!  Do you mean to say that these fundamental programs cannot
(or simply do not) check where the "real" root is?  Is it not possible to
do so,  as it is possible to check the real userid?

Charlie