Re: OT? Are chroots immune to buffer overflows?

From: Jose Nazario (jose@monkey.org)
Date: 05/28/02


Date: Tue, 28 May 2002 15:56:15 -0400 (EDT)
From: Jose Nazario <jose@monkey.org>
To: vuln-dev@securityfocus.com

an additional consideration is to use an operating system which supports
executable domains, such as HP's secure linux, the NSA Security Enhanced
Linux, or the like. there you get fine grained control (at the cost of
setup) which it seems you're seeking in a chroot jail.

___________________________
jose nazario, ph.d. jose@monkey.org
                                        http://www.monkey.org/~jose/