Forum OpenACS Q&A: Response to Bugtraq: Oracle security

Collapse
Posted by Jon Griffin on
Yes you need to get root, but I said if you don't understand security....

I had this on my harddrive, don't remember the source.

The quick and dirty of it is that if the process in the chroot jail is a
root process, it'll virtually always be possible to break out of the
jail. If the daemon in question runs with reduced privilleges, the
usefulness of the chroot jail increases dramatically.

To give an example, root is allowed to mknod a device in /dev. What's to
stop him from creating a device node for the local harddisk and doing
all sorts of nasty things (from overwriting, to mounting, checking out
interesting files and then using that to find an easier way in).

It's just another hurdle for a root process. It can truly become a jail
when the daemon runs as non-root, but that isn't always an option...