Date: Sun, 31 Dec 2006 15:07:05 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: Colin Percival <cperciva@freebsd.org> Cc: freebsd-hackers@freebsd.org, Bill Moran <wmoran@collaborativefusion.com> Subject: Re: Modified version of jexec allows non-root access into jails Message-ID: <20061231150623.M7974@fledge.watson.org> In-Reply-To: <459743C3.90801@freebsd.org> References: <20061229120030.3DCE316A530@hub.freebsd.org> <45950CFD.5020506@freebsd.org> <20061229090146.d2bc2b1c.wmoran@collaborativefusion.com> <459743C3.90801@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 30 Dec 2006, Colin Percival wrote: > Bill Moran wrote: >> You also describe a scenerio where a user can create a jail of his own >> design and give himself root inside it, thus allowing him to use the setuid >> trick to get root on the host as well. The place this falls down is that >> the user would need to already have root to create the jail in the first >> place. > > Not necessarily. An unprivileged user can create hard links to binaries he > doesn't own, including suid binaries. BTW, I understand that Solaris has now changed the default to be that users cannot hard link files they don't own. We have a sysctl option for that -- if this is now a widespread default, I wonder if we should be considering switching the default? Robert N M Watson Computer Laboratory University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061231150623.M7974>