[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: pam_chroot-0.8 released

From: Solar Designer <solar openwall com>
To: Pluggable Authentication Modules <pam-list redhat com>
Subject: Re: pam_chroot-0.8 released
Date: Wed, 5 May 2004 06:17:47 +0400

On Tue, May 04, 2004 at 08:23:07PM -0500, Ed Schmollinger wrote:
> pam_chroot-0.8 has been released.   Kudos to Heiko Hund for contribution
> of some nifty ideas and code to implement them.
> 
> The new version is available from
> http://sourceforge.net/projects/pam-chroot/

You could want to check out this patch:

cvs -d :pserver:anoncvs:anoncvs anoncvs owl openwall com:/cvs co Owl/packages/pam/pam-0.75-owl-pam_chroot.diff

It is not against your version, but it is relevant to it as well.

Basically, the point is that it is unsafe to chroot() to a path which
contains directories writable by an untrusted user.  Unfortunately,
few people realize that, so this kind of misuse of chroot() is all too
common.

-- 
Alexander Peslyak <solar openwall com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Follow-Ups:
- Re: pam_chroot-0.8 released
  - From: John Newbigin

References:
- pam_chroot-0.8 released
  - From: Ed Schmollinger

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]