Difference between revisions of "Talk:Secure chroot Barrier"
From Linux-VServer
| Line 7: | Line 7: | ||
Am I right? | Am I right? | ||
| + | |||
| + | once you gain root inside the scure chroot: | ||
| + | |||
| + | may you gain access to the device node? | ||
| + | |||
| + | i/o ports not restricted? | ||
Revision as of 21:49, 25 December 2006
- setattr --barrier /vservers
- showattr /vservers
Seems insufficient. You need to set --barrier for every existing and NEW directory except those below /vservers/. as the suggested command protects only against chdir ..
Why? The fchdir.
Am I right?
once you gain root inside the scure chroot:
may you gain access to the device node?
i/o ports not restricted?
