Subject: Re: i386 IO access and chroot()
To: matthew green <email@example.com>
From: gabriel rosenkoetter <firstname.lastname@example.org>
Date: 07/17/2001 10:33:54
On Sat, Jul 14, 2001 at 07:02:54AM +1000, matthew green wrote:
> With == 1 you can play tricks with mount points and chroot(2).
> with 1 you can probably write to the raw disk to modify swap outed
> processes, among other things. this case is boring.
> With == 2 it is difficult.
> this case is much more interesting. i don't believe's possible.
Considering our default install boots only to secure level 1, I
don't see that case as particularly boring.
Sure, if you or I were hardening a system, we'd probably actively
set the kernel secure level to 2, but what about the average user
who decides it's a good idea to run, say, Postfix or BIND in a
There are good reasons the documentation for both of these pieces of
software recommend telling them to run as non-root users, especially
as there is no need for either of these (or, really, any daemon I
can think of off-hand that does no user authentication) to run as
root after they've bound to a reserved port.
~ g r @ eclipsed.net