On Tue, 25 Jun 2002 12:00:54 PDT, wirepair <wirepairat_private> said: > "However, with privileges separation turned on, you are > immune from at least one remote hole." > at least one? Jesus how many are there? any information > would be appreciated.... We know there's a known-but-not-widely-disclosed hole, so the statement is technically correct as it stands - at least one remote hole. The point they were trying to make (perhaps poorly) was that if you enable privilege separation, it closes off *entire classes* of attacks - things that will be stopped because they can't work around the separation. Even if a second remote exploit is found/disclosed, all it gets the attacker is a very stripped down chroot'ed running-as-nobody jail cell. Now of course, it may be possible to mount an attack on the separation mechanism itself - but that *still* raises the bar considerably to get a full remote-root compromise. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 20:47:31 PDT