syslog-ng2 -- startup directory leakage in the chroot environment

2008-11-15T00:00:00
ID 75F2382E-B586-11DD-95F9-00E0815B8DA8
Type freebsd
Reporter FreeBSD
Modified 2009-07-01T00:00:00

Description

Florian Grandel reports:

I have not had the time to analyze all of syslog-ng code. But by reading the code section near the chroot call and looking at strace results I believe that syslog-ng does not chdir to the chroot jail's location before chrooting into it. This opens up ways to work around the chroot jail.