On Fri, Mar 23, 2001 at 12:45:03PM +0000, Paul J Collins wrote:
> KH> This means that using debugfs like this on a live mounted
> KH> filesystem is almost asking for filesystem corruption. If the
> KH> kernel's in-memory view of the disk contents is not consistent
> KH> with what's actually on-disk, then when it goes to flush any
> KH> modified data or metadata, it's likely that the on-disk data
> KH> will end up inconsistent.
>> Doing "mount -oremount,sync /usr" might get around that problem. Of
> course, working on live filesystems is risky anyway.
Ahhh. Worked fine!
Since we're talking about messing up file systems, anybody ever
do this (or similar):
http://www.unixinsider.com/unixinsideronline/swol-08-1999/swol-08-security-2.html
Basically: "Fix" a breakout of a chrooted area by breaking the filesystem to create a loop.
The base of the chroot points to somewhere back within the chroot, hence the classic break
out of a chroot method doesn't work. Intresting, huh? That coupled with /dev mounted nodev
would mean it'd be pretty hard for an interactive shell (god forbid) to break out.
Brian.
--
Brian Scanlan, Systems Administrator.
Irish Times New Media - http://www.ireland.com
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
