>What are the dangers posed by someone gaining root access, as through a >trojaned ftpd, in a _chrooted_ environment, assuming that the environment >gets chrooted before there's any chance of compromise? Granted, you >don't want strangers enabled to wreak havoc with your ftp heirarchy >(and planting _more_ trojans), but what kind of threats can be posed >to the rest of the system from such a toehold? Assuming they can put some program there and run it as root, they could get access to things that aren't restricted in a chroot environment, like: privileged sockets on the local machine device file creation(?) create a setuid sh that a normal user (not chroot'ed) could use kill() any process (and then replace it) ie. telnetd or login. etc etc -- | let's all be different | | just like me Rob Quinn | | rjq@phys.ksu.edu | | QuinnBob@KSUVM.BITNET |