Comment by justincormack 14 days ago Yes thats one thing Musl libc removes. 3 comments justincormack Reply geocar 14 days ago If the attacker can control newroot/etc/passwd they _still_ get getpwnam to return whatever userid they want. The solution is to not lookup --userspec=username:group inside the chrooted-space, but from outside.Also, hi how's things? :) justincormack 14 days ago hi! good, how are you doing? geocar 14 days ago great. still enjoying the algarve working on my secret projects in the sun.you able to find a reason to come visit? or am i going to have to come to blighty so we can hang out?
geocar 14 days ago If the attacker can control newroot/etc/passwd they _still_ get getpwnam to return whatever userid they want. The solution is to not lookup --userspec=username:group inside the chrooted-space, but from outside.Also, hi how's things? :) justincormack 14 days ago hi! good, how are you doing? geocar 14 days ago great. still enjoying the algarve working on my secret projects in the sun.you able to find a reason to come visit? or am i going to have to come to blighty so we can hang out?
justincormack 14 days ago hi! good, how are you doing? geocar 14 days ago great. still enjoying the algarve working on my secret projects in the sun.you able to find a reason to come visit? or am i going to have to come to blighty so we can hang out?
geocar 14 days ago great. still enjoying the algarve working on my secret projects in the sun.you able to find a reason to come visit? or am i going to have to come to blighty so we can hang out?
If the attacker can control newroot/etc/passwd they _still_ get getpwnam to return whatever userid they want. The solution is to not lookup --userspec=username:group inside the chrooted-space, but from outside.
Also, hi how's things? :)
hi! good, how are you doing?
great. still enjoying the algarve working on my secret projects in the sun.
you able to find a reason to come visit? or am i going to have to come to blighty so we can hang out?