Re: access to proc filesystem from chrooted process

Richard B. Johnson (root@chaos.analogic.com)
Fri, 28 May 1999 13:19:09 -0400 (EDT)


On Mon, 24 May 1999, Fuzzy Fox wrote:

> Richard B. Johnson <root@chaos.analogic.com> wrote:
> >
> > Yes. The proc file-system can be mounted multiply. You can check this
> > out if you have a ftp server installed.
> >
> > cd /home/ftp
> > mkdir proc
> > mount proc proc -t proc
> >
> > Now execute anonymous ftp. You can `chdir` to what now looks like
> > `/proc` in the chrooted environment and get the directory.
>
> Perhaps it should be mentioned that making the /proc filesystem's
> contents available to an anonymous ftp server would seem to be a
> security hole, leaking far more information than might be prudent for
> such a server.
>

Well of course. I did not advocate this as a new method of setting
up a ftp server, but rather it is a method by which one can find out
what happens in such an environment. For instance, one can 'chdir' to
1, init's information directory, but you can 'chdir' to init's cwd
shown in that directory. This shows that, at least for this case, the
"jail" works.

Cheers,
Dick Johnson
***** FILE SYSTEM WAS MODIFIED *****
Penguin : Linux version 2.2.6 on an i686 machine (400.59 BogoMips).
Warning : It's hard to remain at the trailing edge of technology.
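
An audit for the exposure discussed in this thread, added here as an example and not part of the original messages: it parses text in `/proc/mounts` format and reports every `proc` mount other than `/proc`, optionally limited to known chroot directories such as the `/home/ftp` used above. The sample table and the `/srv/my jail` path are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in /proc/mounts format:
# device, mount point, fs type, options, dump, pass
SAMPLE_MOUNTS = """\
/dev/hda1 / ext2 rw 0 0
proc /proc proc rw 0 0
proc /home/ftp/proc proc rw 0 0
/dev/hda3 /home ext2 rw 0 0
proc /srv/my\\040jail/proc proc rw 0 0
none /dev/pts devpts rw 0 0
"""

def unescape(field):
    """Decode the 3-digit octal escapes the kernel uses for space, tab, etc."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def extra_proc_mounts(mounts_text, expected="/proc"):
    """Return mount points of type 'proc' other than the expected one."""
    found = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue  # skip blank or malformed lines
        mount_point, fstype = unescape(fields[1]), fields[2]
        if fstype == "proc" and mount_point.rstrip("/") != expected:
            found.append(mount_point)
    return found

def under_roots(mount_points, roots):
    """Pair each mount point with the chroot directory that contains it."""
    hits = []
    for mp in mount_points:
        for root in roots:
            root = root.rstrip("/")
            if mp == root or mp.startswith(root + "/"):
                hits.append((root, mp))
    return hits

if __name__ == "__main__":
    try:
        with open("/proc/mounts") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_MOUNTS  # fall back to the constructed sample
    for mp in extra_proc_mounts(text):
        print("proc also mounted at:", mp)
```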
