[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] ERROR: [directory] is not owned by root:root

From: Gregory Piñero
Subject: Re: [Jailkit-users] ERROR: [directory] is not owned by root:root
Date: Sun, 16 Sep 2007 13:38:43 -0400

On 9/16/07, Olivier Sessink <address@hidden> wrote:
> a chroot jail directory that can be modified by a user is a security
> risk. (anybody who can change libc can gain local root privileges)
> If one of the parent directories of the jail is owned by another user,
> the user cannot modify the jail, but the user can rename the parent, and
> then create a new directory with the name of the jail, and then modify
> it. So also in that case, there is a security risk.
> That's why jailkit checks for this situation.

So where do people typically place a jailed directory?  Perhaps at the
root of the filesystem, e.g., /jailed_dir?

Thanks again,


reply via email to

[Prev in Thread] Current Thread [Next in Thread]