Subject: Re: i386 + aperture + 1.6Q
To: Perry E. Metzger <perry@piermont.com>
From: Pavel Cahyna <pcah8322@artax.karlin.mff.cuni.cz>
List: current-users
Date: 03/28/2003 21:26:46
> > Consider a daemon which runs in a chroot jail. The files and directories 
> > in the jail are made immutable. Say that the daemon is exploited and the
> > attacker gains root privileges. How will he program the DMA controller
> > of the video card if there is no /dev/xf86 in the chroot jail? But if
> > you compile the kernel with option INSECURE, he will be able to unset
> > the immutable flag on directories and make any device node he wants.
> 
> He can't touch any directory he wants, because he's in a chroot jail. :)

He can make new device nodes if he wants, no?

Pavel