Daniel Roethlisberger daniel at
Wed Jun 26 15:06:09 PDT 2002

On a sidenote, I've been using privsep on multiple boxen since it
hit the stable portable releases, and it works just fine for me.
As for doing harm to the system when compromised with privsep, if
someone knows of some way to actually become root or break out of
the chroot in some way, please speak up. Creating device files is
not possible if the chroot root dir is correctly owned by root and
has mode 755 or similar. And without the ability to create any
files (real ones or devices, whatever) there seems very little you
can actually do to harm the system. But please do correct me if
I'm wrong.


   Daniel Roethlisberger <daniel at>
   PGP Key ID 0x8DE543ED with fingerprint
   6C10 83D7 2BB8 D908 10AE  7FA3 0779 0355 8DE5 43ED

Unsubscribe: send email to listar at
and put 'unsubscribe lfs-security' in the subject header of the message

More information about the lfs-security mailing list