On Thu, 27 Jun 2002, Linas Vepstas wrote:
> Its not obvious that this file would be readable. I presume that
> this hypotheical pluto would:
>
> 1) read ipsec.secrets
> 2) drop other permissions
> 3) chroot
I would change 3) to:
3) chroot to an empty directory with no write permission,
which makes it very difficult to mount any subsequent attack, as you can
neither use any tool on the filesystem nor download any tool to the box.
This is what the front-end of openssh do in the latest versions, and it
goes indeed a long way in mitigating the effects of a break in.
Bye
Giacomo
-- _________________________________________________________________Giacomo Mulas <gmulas_at_ca.astro.it, giacomo.mulas_at_tin.it> _________________________________________________________________
OSSERVATORIO ASTRONOMICO DI CAGLIARI Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA)
Tel.: +39 070 71180 248 Fax : +39 070 71180 222 _________________________________________________________________
"When the storms are raging around you, stay right where you are" (Freddy Mercury) _________________________________________________________________
_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:17 CEST