OT? Are chroots immune to buffer overflows?

From: Jason Haar (Jason.Haarat_private)
Date: Tue May 21 2002 - 20:48:16 PDT

Next message: Evans, TJ: "RE: Online Games Consoles and Security Implications"

Previous message: Vasisht Tadigotla: "RE: Online Games Consoles and Security Implications"
Next in thread: SpaceWalker: "Re: OT? Are chroots immune to buffer overflows?"
Reply: SpaceWalker: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Valdis.Kletnieksat_private: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Kalle Andersson: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Edwin Groothuis: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Berend De Schouwer: "Re: OT? Are chroots immune to buffer overflows?"
Reply: dev-null@no-id.com: "Re: OT? Are chroots immune to buffer overflows?"
Reply: L. Walker: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Birger Toedtmann: "Re: OT? Are chroots immune to buffer overflows?"
Reply: sd: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Andreas Ferber: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Stuart Adamson: "RE: OT? Are chroots immune to buffer overflows?"
Reply: Dave Ahmad: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Adam Lydick: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Iván: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Stuart Adamson: "RE: OT? Are chroots immune to buffer overflows?"
Reply: Hank Leininger: "Re: OT? Are chroots immune to buffer overflows?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[note: my question is WRT non-root chrooted jails - we all know about
chroot'ing root processes!]

Most buffer overflows I've seen attempt to infiltrate the system enough to
run /bin/sh. In chroot'ed environments, /bin/sh doesn't (shouldn't!) exist -
so they fail.

Is it as simple as that? As 99.999% of the system binaries aren't available
in the jail, can a buffer overflow ever work?

-- 
Cheers

Jason Haar

Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417

Next message: Evans, TJ: "RE: Online Games Consoles and Security Implications"
Previous message: Vasisht Tadigotla: "RE: Online Games Consoles and Security Implications"
Next in thread: SpaceWalker: "Re: OT? Are chroots immune to buffer overflows?"
Reply: SpaceWalker: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Valdis.Kletnieksat_private: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Kalle Andersson: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Edwin Groothuis: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Berend De Schouwer: "Re: OT? Are chroots immune to buffer overflows?"
Reply: dev-null@no-id.com: "Re: OT? Are chroots immune to buffer overflows?"
Reply: L. Walker: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Birger Toedtmann: "Re: OT? Are chroots immune to buffer overflows?"
Reply: sd: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Andreas Ferber: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Stuart Adamson: "RE: OT? Are chroots immune to buffer overflows?"
Reply: Dave Ahmad: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Adam Lydick: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Iván: "Re: OT? Are chroots immune to buffer overflows?"
Reply: Stuart Adamson: "RE: OT? Are chroots immune to buffer overflows?"
Reply: Hank Leininger: "Re: OT? Are chroots immune to buffer overflows?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 21 2002 - 22:31:04 PDT