Re: OT? Are chroots immune to buffer overflows?

From: L. Walker (k_anedaat_private)
Date: Wed May 22 2002 - 03:06:02 PDT

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    On Wed, 22 May 2002, Jason Haar wrote:
    
    > [note: my question is WRT non-root chrooted jails - we all know about
    > chroot'ing root processes!]
    >
    > Most buffer overflows I've seen attempt to infiltrate the system enough to
    > run /bin/sh. In chroot'ed environments, /bin/sh doesn't (shouldn't!) exist -
    > so they fail.
    >
    > Is it as simple as that? As 99.999% of the system binaries aren't available
    > in the jail, can a buffer overflow ever work?
    
    I've heard of shellcode that supposedly jumps out of the chroot jail, but
    it's probably been fixed now (whatever bug in chroot the shellcode
    exploited).  The buffer overflow would work (it'd overflow the buffer yes)
    but as to whether you'd get a shell, probably not...  Unless someone
    dropped a bash shell in there :)
    
    - -- 
    L. Walker
    NOTICE: By spamming this account or scanning the IP address that this message
    was sent from, you consent to a free and unrestricted security audit.
    - -- 
    If one wants to be a policeman, one must learn how to be a thief.
    - --
    That's why we spend so much time trying to understand our own motivations
    and those of others.  That's what makes life so interesting.
       Kaji, Evangelion Ep 18
    - --
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org
    
    iD8DBQE8622SBJ6saYuOFLgRAoUjAJ97DeNdUA7fyVtkQg13oGCWYO0RNACeOSTE
    GzkLksO3vul++CPK3gL0M/U=
    =7FYs
    -----END PGP SIGNATURE-----
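
The reply's closing point is that an overflow only yields a shell if one is present inside the jail, so it is worth checking what a jail actually contains. The following is an added example, not part of the original message: a POSIX sh function that lists interpreters, setuid/setgid files and device nodes under a jail directory. The function name `audit_jail` and the interpreter name list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread. Lists files inside a chroot
# jail that injected code could execute or use to regain privilege.
# The interpreter name list below is a constructed starting point.
SHELL_NAMES="sh bash dash ash ksh zsh csh tcsh busybox perl python python3"

# audit_jail DIR
# Prints one "KIND PATH" line per finding.
# Returns 0 when nothing is found, 1 on findings, 2 if DIR is not a directory.
audit_jail() {
    jail=$1
    if [ ! -d "$jail" ]; then
        echo "audit_jail: not a directory: $jail" >&2
        return 2
    fi
    findings=$(
        # Executable regular files named like a shell or script interpreter.
        for name in $SHELL_NAMES; do
            find "$jail" -type f -name "$name" \
                \( -perm -100 -o -perm -010 -o -perm -001 \) \
                -exec echo interpreter {} \;
        done
        # setuid or setgid files: a route back to higher privilege.
        find "$jail" -type f \( -perm -4000 -o -perm -2000 \) \
            -exec echo setid {} \;
        # Device nodes give direct access to disks and kernel memory.
        find "$jail" \( -type b -o -type c \) -exec echo device {} \;
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Run against the directory given on the command line, if any.
if [ "$#" -gt 0 ]; then
    audit_jail "$1"
fi
```

An empty result only says that none of the listed file types are present; it says nothing about the service running in the jail.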
    



    This archive was generated by hypermail 2b30 : Wed May 22 2002 - 11:16:24 PDT