Vulnerability Development mailing list archives
RE: OT? Are chroots immune to buffer overflows?
From: Stuart Adamson <stuart.adamson () evolution net>
Date: Wed, 22 May 2002 10:30:04 +0100
The buffer overflow still exists inside the chroot jail - but the jail attempts to limit the damage that can be done. This offers defence against attacks that exploit other binaries to elevate priviledge, and as you said, these other binaries hopefully shouldn't be inside the chroot. However, if I want to use your box to attack another box then the lack of binaries won't stop me - I'll just make my exploit download my own and store then in /tmp (or /logs or something) in the chroot jail. Stuart
-----Original Message----- From: Jason Haar [mailto:Jason.Haar () trimble co nz] Sent: 22 May 2002 04:48 To: vuln-dev () securityfocus com Subject: OT? Are chroots immune to buffer overflows? [note: my question is WRT non-root chrooted jails - we all know about chroot'ing root processes!] Most buffer overflows I've seen attempt to infiltrate the system enough to run /bin/sh. In chroot'ed environments, /bin/sh doesn't (shouldn't!) exist - so they fail. Is it as simple as that? As 99.999% of the system binaries aren't available in the jail, can a buffer overflow ever work? -- Cheers Jason Haar Information Security Manager Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417
Current thread:
- Re: OT? Are chroots immune to buffer overflows?, (continued)
- Re: OT? Are chroots immune to buffer overflows? L. Walker (May 22)
- Re: OT? Are chroots immune to buffer overflows? Jan Werner (May 23)
- Re: OT? Are chroots immune to buffer overflows? Greg Hunt (May 23)
- Re: OT? Are chroots immune to buffer overflows? Birger Toedtmann (May 22)
- Re: OT? Are chroots immune to buffer overflows? sd (May 22)
- Re: OT? Are chroots immune to buffer overflows? Andreas Ferber (May 22)
- Re: OT? Are chroots immune to buffer overflows? jove (May 23)
- Re: OT? Are chroots immune to buffer overflows? Dave Ahmad (May 23)
- Message not available
- Re: OT? Are chroots immune to buffer overflows? Jason Haar (May 23)
- Re: OT? Are chroots immune to buffer overflows? L. Walker (May 22)
- Re: OT? Are chroots immune to buffer overflows? dev-null (May 22)
- RE: OT? Are chroots immune to buffer overflows? Stuart Adamson (May 22)
- RE: OT? Are chroots immune to buffer overflows? Steve Bremer (May 23)
- Re: OT? Are chroots immune to buffer overflows? Adam Lydick (May 23)
- Re: OT? Are chroots immune to buffer overflows? Iván (May 23)
- Re: OT? Are chroots immune to buffer overflows? Steve Bremer (May 24)
- RE: OT? Are chroots immune to buffer overflows? Stuart Adamson (May 24)
- Re: OT? Are chroots immune to buffer overflows? Hank Leininger (May 28)
- Re: OT? Are chroots immune to buffer overflows? Jose Nazario (May 28)