Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: chroot useful?

Re: chroot useful?

From: Paul McNabb <mcnabb_at_argus-systems.com>
Date: Tue, 11 Nov 1997 11:33:34 -0600

> From: "Joseph S. D. Yao" <jsdy_at_cospo.osis.gov>
>
> Similarly, chrooting is a deterrent, not a guarantee (and, especially,
> not as much of a guarantee as it used to be). Yes, it would be nice if
> it compartmented more than it did. In fact, that's an interesting
> idea: as chroot partitions the file system, perhaps there might be
> other services to partition off other kernel services? For the future.

All B1 systems do this now, and B1 versions are available for most
commercial OS products. Other products, such as Argus's Decaf do
partitioning as well, but without the B1 mechanisms. This is the main
argument used for B-level security.

paul

---------------------------------------------------------
Paul McNabb Argus Systems Group, Inc.
Vice President and CTO 1809 Woodfield Drive
mcnabb_at_argus-systems.com Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433 "Securing the Future"
---------------------------------------------------------
Received on Nov 12 1997

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos