lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <469B4403.9080500@observed.de>
Date: Mon, 16 Jul 2007 12:10:11 +0200
From: Paul Sebastian Ziegler <psz@...erved.de>
To: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: (no subject) [was: White Paper - Chrooting
 sshd]

I don't get your point.
As I said in the paper all the informations that -I- found were either
outdated or unusable. That may be my disability in finding stuff, but
obviously other people had the same difficulties. Since it's release
this paper has been downloaded nonstop and spread to quite a few major
project's archives as well. That should prove that at least -some-
others were looking for this information.

So please explain your point to me.
This is an LGPL-licensed paper. What is your problem with publishing one
of these?

Oh, and please enter a subject next time. I almost missed your mail.

Many Greetings
Paul

toto.toto@...mail.co.za schrieb:
> > oh so your paper rox better than all paper about chrooting sshd ?
> > dude, all thing written in your paper is known since a while !
> >
> > Sometimes it may become profitable or necessary to jail the ssh daemon
> > within a chroot. Unluckily there aren't many papers out there that
> > explain the process of creating an appropriate jail and resolving all
> > the necessary dependencies and errors.
> >
> >
> > This paper will show you how to successfully jail sshd itself. Opposed
> > to many other papers out there it does not try to jail the users after
> > logging in but rather put the entire daemon into the jail. This approach
> > is interesting for anybody paranoid enough to want to protect against
> > remotely exploitable flaws in the used sshd.
> >
> >
> >
> >
> >
> > -------------------------------------------
> > South Africas premier free email service - www.webmail.co.za
> > ------------------------------------------------------------------
> > For super low premiums, click here http://www.webmail.co.za/dd.pwm
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ