[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd)
From: |
Wayne Buttles |
Subject: |
Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd) |
Date: |
Tue, 24 Jun 1997 12:13:01 -0400 (EDT) |
On Tue, 24 Jun 1997, Larry W. Virden, x2487 wrote:
> Wayne Buttles <address@hidden> wrote:
>
> > If the account is stuck in a chroot jail with sh, lynx, cp and nothing
> > else...can they be dangerous?
>
> Is there a way to set things up so that the password, etc. work is done
> before the chroot? I thought typically that stuff was done _after_ the
> chroot took place - in which case the public lynx password file would be
> accessible.
AFAIK, the passwd files in chrooted environments are there for show. They
should contain no real passwords. PLEASE correct me if I am wrong.
Wayne
;
; To UNSUBSCRIBE: Send a mail message to address@hidden
; with "unsubscribe lynx-dev" (without the
; quotation marks) on a line by itself.
;
- LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Duncan Hill, 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Scott McGee (Personal), 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Robert Bonomi, 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Scott McGee (Personal), 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Foteos Macrides, 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Robert Bonomi, 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), H E Nelson, 1997/06/24
- Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd), Jan Hlavacek, 1997/06/24