[H-GEN] /dev/log inside a chroot

Anthony Towns aj at azure.humbug.org.au
Thu Aug 24 09:44:43 EDT 2000 

On Thu, Aug 24, 2000 at 01:50:48PM +1000, David Jericho wrote:
> On Wed, Aug 23, 2000 at 03:08:28PM +1000, Rob Kearey wrote:
> > > [1] Jokes about the uselessness of chroot'ing something under RedHat will
> > > be met with a large baseball bat with a nail poking out the head.
> > What issues would there be with chrooting in RedHat, as opposed to any
> > other Linux distro, as further opposed to $FAVOURITE_UNIX?
> As they say, a Unix system is often only as secure as the administrator
> makes it.  RedHat has some buggy programs, but I ask of you
> blinded-by-the-faith Debian fans out there, how many of the holes
> are actually software that would/should be running on a production
> server?

If you can escape a chroot jail, that's the kernel's fault, not an
application's, though, and hence, presumably, not the distribution's fault
either. Although I was under the impression that chroot jails aren't
entirely secure under Linux. I can't remember any details to back this
up though.

The only thing you can reasonably accuse Red Hat of is not setting things
up to be secure by default. Debian at least tries to do that. OpenBSD is
probably the only network capable OS that can really claim to succeed
at it, but that's probably mainly because it doesn't make any attempt
at being useful as a desktop machine. AIUI.

(In some ways it's more important for desktop machines to be secure by
default than servers: there are a lot more of them out there, there's a
lot less skill available to maintain them, and they're hence much more
useful as a stepping stone for DDOS attacks, or avoiding tracability
or whatnot)

Actually, I'm not even sure that Red Hat aren't having a go at being
secure by default these days. The only recent install I've really poked
around with was a SuSE one which had two sorts of install available:
"secure" and "normal". The secure option did things like enable shadow
passwords. I have no idea why there was a choice in the first place,
personally. Or is this a descendent of the proverbial "BUGS=OFF"
CONFIG.SYS option?

Cheers,
aj

-- 
Anthony Towns <aj at humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.

  ``We reject: kings, presidents, and voting.
                 We believe in: rough consensus and working code.''
                                      -- Dave Clark
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 350 bytes
Desc: not available
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20000824/4505dd71/attachment.sig>

More information about the General mailing list