Yes, it is true that it's making use of the system libs, but they can't be touched by the process as it has been chrooted. In order for someone to overwrite those files, they would first have to break out of the chroot. I'm not sure what the real security implications of using the system libs are vs. using chrooted libs.

On Wed, 2002-10-30 at 15:53, J.J. van Gorkum wrote:
> On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote:
> > Hello,
> > Bind has the built-in ability to chroot itself (-t). Then all that needs
> > to be done is altering the bind init script (/etc/init.d/bind), which
> > contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
> > that variable and you should be ok. I've done this with Bind 8, and now
> > upgraded them to 9.
>
> You are missing the point here, if I do it the way bind tells me in the
> man pages bind is NOT using the libraries inside the chroot environment.
> That is what I try to prove with the lsmod command...
>
> --
> J.J. van Gorkum Knowledge Zone
> --
> If UNIX isn't the solution, you've got the wrong problem.
>
--
Sean McAvoy
Network Analyst
Megawheels Technologies Inc.
Phone: 416.360.8211
Fax: 416.360.1403
Cell: 416.616.6599
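
The question in this thread, which library files a named started with -t actually has mapped, can be checked from outside the jail on Linux. The following is an added example, not part of the original messages: it assumes /proc/<pid>/maps is read by a process outside the chroot (so paths appear as host paths), and the sample maps text, the jail path /var/named/chroot and the library names are constructed for illustration.

```python
import os
import sys

# Constructed sample of /proc/<pid>/maps for a named started with
# "-t /var/named/chroot"; addresses, inodes and file names are made up.
SAMPLE_MAPS = """\
08048000-080f1000 r-xp 00000000 03:01 40961 /usr/sbin/named
080f1000-080f8000 rw-p 000a9000 03:01 40961 /usr/sbin/named
40000000-40015000 r-xp 00000000 03:01 12290 /lib/ld-2.2.5.so
40020000-40140000 r-xp 00000000 03:01 12301 /lib/libc-2.2.5.so
40140000-40146000 rw-p 00120000 03:01 12301 /lib/libc-2.2.5.so
40150000-4015c000 r-xp 00000000 03:01 77001 /var/named/chroot/lib/libnss_files-2.2.5.so
bfffe000-c0000000 rw-p 00000000 00:00 0 [stack]
"""

def mapped_files(maps_text):
    """Distinct absolute paths of file-backed mappings, in first-seen order."""
    seen = []
    for line in maps_text.splitlines():
        fields = line.split(None, 5)      # the path is the optional 6th field
        if len(fields) == 6 and fields[5].startswith("/"):
            # A file replaced on disk after it was mapped is shown with a
            # " (deleted)" suffix; strip it so the path still classifies.
            path = fields[5].split(" (deleted)")[0]
            if path not in seen:
                seen.append(path)
    return seen

def classify(maps_text, jail):
    """Split mapped files into those under the jail directory and the rest."""
    jail = os.path.normpath(jail)
    inside, outside = [], []
    for path in mapped_files(maps_text):
        under = os.path.commonpath([jail, path]) == jail
        (inside if under else outside).append(path)
    return inside, outside

if __name__ == "__main__":
    if len(sys.argv) == 2:                # live check: pass the pid of named
        pid = sys.argv[1]
        jail = os.readlink(f"/proc/{pid}/root")   # the process's root dir
        with open(f"/proc/{pid}/maps") as fh:
            text = fh.read()
    else:                                 # no pid given: use the sample
        jail, text = "/var/named/chroot", SAMPLE_MAPS
    inside, outside = classify(text, jail)
    print("process root:", jail)
    for p in outside:
        print("mapped from outside the jail:", p)
    for p in inside:
        print("mapped from inside the jail: ", p)
```

Reading another user's /proc/<pid>/root and maps normally requires root; a process root of / means the process is not chrooted, and everything is then reported as inside.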