On 15 Jan 2003, Eric Weaver wrote: > The only known vulnerability on this box is Named. Openbsd 3.2 named has a > possible remote exploit, but since its jailed, the security is "mitigated" > (so they say). mitigated is not the same as "non-existant." > My observation is that there may be a way out of the jail through the > default socket to syslogd (via the -a flag (shown below)). Syslogd runs as > root. Doesn't this seem unsafe to anyone else? If a process is truely > jailed, it should have its own non-root logging mechanism. Agreed? you can, if you want, run a chroot'd named with only local logging. the use of a unix socket to talk to syslog is for convienence (i do use it, even on my chrooted named process). -------/ f. johan beisser /--------------------------------------+ http://caustic.org/~jan janat_private "Champagne for my real friends, real pain for my sham friends." -- Tom Waits ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 23 2003 - 10:23:15 PST