From best-of-security-d-request@suburbia.net Tue Aug 27 23:50:47 1996 Received: (list@localhost) by suburbia.net (8.7.4/Proff-950810) id XAA30264 for best-of-security@suburbia.net; Tue, 27 Aug 1996 23:50:47 +1000 Received: from helix.cs.cuc.edu (sopwith@helix.cs.cuc.edu [204.32.57.128]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id XAA30258 for ; Tue, 27 Aug 1996 23:50:18 +1000 Received: from localhost (sopwith@localhost) by helix.cs.cuc.edu (8.7.4/8.7.3) with SMTP id JAA07449; Tue, 27 Aug 1996 09:48:54 -0400 Date: Tue, 27 Aug 1996 09:48:53 -0400 (EDT) From: Elliot Lee X-Sender: sopwith@helix To: Ivan Buttinoni - BOS cc: best-of-security-d@suburbia.net Subject: Re: BoS: Linux chmod (1) security hole In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII On Tue, 27 Aug 1996, Ivan Buttinoni - BOS wrote: > Environment: > Linux 2.0.13 > libc.so.5 => libc.so.5.2.18 > gcc version 2.7.2 > > Action: > bash# cd / > bash# chroot /restricted/area /bin/bash > shell-init: could not get current directory: getwd: cannot access parent > directories > > Problem: > After 'Action', I'm not in "/restricted/area", I'm in the real "/"! This is known "problem". You are supposed to cd /restricted/area before chrooting to it. -- Elliot ------------------ PGP.ZIP Part [012/713] ------------------- M833Z0X.[3:D+3N!C9&(:HM$<'G!`60#M@+,X"1.F(`(M<8/Z^;4B)CQIF2#[ M$3G8@]58@!%H`$L+QBQ.82ZZHR746$W,/[5)D!W%'FQ&*M[#!+P!>_S9FGAP M`5]@.Y9A#D:@-QK"'95!K(WX'/,Q&1U0#ZYX0LR%^!8'L0VK,`\#,3TD058; ------------------------------------------------------------- For next chunk to export --> http://dcs.ex.ac.uk/~aba/export/