Contributed by jose on from the starting-with-the-basics dept.
(Comments are closed)
OpenBSD Journal
Contributed by jose on from the starting-with-the-basics dept.
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By Anonymous Coward () on
till then, tis no more secure than linux..
and linux/fbsd chroot(jail) can't be broken out of.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
linux/fbsd chroot(jail) can't be broken out of.
I needed a good laugh this morning. THanks for trolling, please come again.
Comments
By Anonymous Coward () on
they defended this by saying chroot was not meant to be secure
haha
linux/fbsd have a jail, which can not be broken out of.
Comments
By Anonymous Coward () on
Many of the methods for breaking out of chroot apply fairly nicely to breaking out of jail on fbsd as well.
Comments
By Anonymous Coward () on
By krh () on
If you don't like OpenBSD, why are you here?
Does it inflate your ego to insult the OpenBSD project? Do you think that your insults will change our opinions? Do you think your insults will end the OpenBSD project?
Do you expect to accomplish anything other than making people mad?
It's always a good idea to be nice to people.
By Anonymous Coward () on
If you are going to make such a statement you should back it up. Please give references to where we can find such exploits for OpenBSD.
Comments
By Anonymous Coward () on
By tedu () on
haha
By NimaDeus () NimaDeus@nimadeus.be on mailto:NimaDeus@nimadeus.be
slave:~# uname -a && ls / && ./break_chroot
Linux Slave.TerraTrans.be TerraTrans Kernel #2 Mon Mar 17 22:02:15 PST 2003 i686
bin dev etc home lib man mnt proc root sbin tmp usr var
slave:/# ls
CHROOTED boot dev floppy if lib lost+found opt root tmp var
bin cdrom etc home initrd logins mnt proc sbin usr vmlinuz
slave:/#
By Anonymous Coward () on
Comments
By jose () on http://monkey.org/~jose/
Comments
By Anonymous Coward () on
By Bob Beck () beck@openbsd.org on mailto:beck@openbsd.org
Yeah, and if you look at their example they
reccomend checking the return codes in security
critical programs by using assert(). Then as
soon as someone compiles it with -DNDEBUG
you end up with a program with no tests in it.
the author lectures about unitended consequences
and doesn't even read assert(3).
Comments
By veins () veins@skreel.org on www.skreel.org
By zil0g () on
d'oh
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
you knew that:
1) They only recommended it as a last resort.
The authors never said it were the way to
go. Having checks with assert() still is
better than having none at all.
2) If you can compile my binaries with -DNDEBUG
you won't have to exploit them.. you can do
a lot of meaner things to me.
Well, before you try to insult people, read again and think it over.