Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Chroot jails

from [Mamading Ceesay] Network Security [Permanent Link]
Subject: Re: Chroot jails
Date: Tue, 20 Sep 2005 18:40:45 +0100 
On 20/09/05, Steve.Cummings@barclayscapital.com 


Wondered if people could give me their opinions on chroot jails on solaris 
and linux, am interested in both manageability but more interested in whether 
anyone has broken out of one



Don't have much to say about Solaris beyond suggesting checking out
the Zones feature on Solaris 10.

As for chroot jails on linux, they are escapable unless you have a
hardened kernel.  GRSec, BSDjail and VServer patches all make Linux
chroot jails pretty much unbreakable.  SELinux probably has a similar
feature, but I'm not aware of it.

One important alternative to chroot jails on Linux is virtualization
via projects like VServer and Xen.  These can be used to create
virtual Linux environments isolated from each other and the actual
underlying Linux environment.

-- 
Mamading Ceesay

"[The reformers'] remedies do not cure the disease: they merely prolong it.... 
The proper aim is to try and reconstruct society on such a basis that poverty 
will be impossible."
-- Oscar Wilde
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Chroot jails, Antoine Martin
Next by Date:  Re: Re: Defending users of unprotected login pages with TrustBar 0.4.9.93, mike03051
Previous by Thread:  Re: Chroot jails, Antoine Martin
Next by Thread:  Re: Chroot jails, xyberpix
Indexes:  [Date] [Thread] [Top] [All Lists]