At 15:10 Uhr +0200 25.06.2002, Ralf Dreibrodt wrote:
i unterstand it as remote chrooted nobody exploit, this is much more better than a remote root-exploit.
Hmm, I'm wondering if it's any better: if the attacker manages code to run in the chrooted daemon, I suspect he can also advise the part running as root to open up a new root connection? Isn't it that the separation simply protects against direct shell launch attacks? Well I'm not educated enough to know, just wondering.
Christian. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
