[plug] KaZaA for linux
Craig Foster
fostware at iinet.net.au
Sun Jan 6 16:43:38 WST 2002
background...
KaZaA is a peer-to-peer file sharing system like napster. It uses ncursors
to display on a text terminal.
It runs on port 1214 and talks to the main server to do searches for
files.
chroot is best given by example. if I put program KZA in /chroot, along
with all the libraries necessary for KZA to run - recreating /lib,
/usr/lib, /bin, /etc, /tmp *relative* to /chroot (eg /chroot/lib,
/chroot/usr/lib, etc), I can then run "chroot /chroot /bin/KZA" and then
KZA will only be able to see /lib, /usr/lib, etc ... but in reality it
will be seeing /chroot/lib, etc.
That way if someone hacks KZA, they can only EVER see what's in chroot,
even if they have shell access...
Very useful in instances such as bind 8, as a buffer overflow will kill
named and run a command, but as the shell (named) has stopped, it will
restart. But If it doesn't restart, the person can see my DNS records and
THAT'S IT.
Regards,
Craig Foster
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2228 bytes
Desc: not available
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20020106/4c4905d4/attachment.bin>
More information about the plug
mailing list