Firewalls: Re: FTP services --

Firewalls
(April 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: FTP services --
From:	Ken Hardy <ken @ bridge . com>
Date:	Fri, 15 Apr 1994 12:01:42 -0500
To:	firewalls @ greatcircle . com
Cc:	mjr @ tis . com

mjr wrote:

>4: If you're on a Sun, make a copy of /dev/zero in ~ftp/dev and chown
>	it to root. Make sure it's readable.
...
>	If there is a hole in your ftpd that lets someone get "root"
>	access they can do you some damage even chrooted. It's just

Gack!  I was going to ask why /dev/zero, in case you wanted to have
ftpd chrooted to a partition mounted "nodev" (ignore device files), but
my Suns' man pages don't list that as a mount option!  I started a
thread on bugtraq about threats to be aware of from root in a chrooted
environment.  Being able to mknod devices whence to mount verbotten
filesystems is one obvious attack, not to mention /dev/kmem, etc.

Indexed By Date	Previous:	Re: probe_tcp_ports From: Dorian Deane <dorian @ cobalt . house . gov>
Indexed By Date	Next:	Re: FTP services -- From: Marcus J Ranum <mjr @ tis . com>
Indexed By Thread	Previous:	Re: FTP services -- From: Wolfram Schmidt <wschmidt @ iao . fhg . de>
Indexed By Thread	Next:	Re: FTP services -- From: Marcus J Ranum <mjr @ tis . com>