Date: Mon, 31 Jan 2000 20:42:12 +0300
From: Vladimir Dubrovin <vlad@sandy.ru>
To: Dmitry Valdov <dv@dv.ru>
Cc: security@freebsd.org
Subject: Re: jail..
Message-ID: <8862.000131@sandy.ru>
In-Reply-To: <Pine.BSF.3.95q.1000131025803.12484A-100000@xkis.kis.ru>
References: <Pine.BSF.3.95q.1000131025803.12484A-100000@xkis.kis.ru>
Hello Dmitry Valdov,

31.01.00 3:05, you wrote: jail..;

D> Hello!
D> It is possible to take root on the entire machine if someone has an account on
D> it and root under jail.
D> For example, we're running jail with chroot to /usr/jail. Someone has root
D> in the chroot'ed environment.
D> So, he can create a setuid shell in /usr/jail.
D> But if he has a normal account on the machine, he can run it from /usr/jail and
D> take root on the entire machine.
D> chmod /usr/jail doesn't help because the chrooted / cannot be read by anyone :(

This problem appears only if local users should be allowed to access /usr/jail.
Otherwise you can use group "jail" instead of user "jail" and give 770
permissions for /usr/jail. Include jailed (and only jailed) users and root into
this group.

D> I think that the right solution is to make the directory for chroot under a 700
D> directory. Should it be documented in the jail man page?
D> Dmitry.

+=-=-=-=-=-=-=-=-=+
|Vladimir Dubrovin|
| Sandy Info, ISP |
+=-=-=-=-=-=-=-=-=+
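The two conditions discussed in this thread (a jail root reachable by ordinary local users, and setuid binaries created inside it by jailed root) as an added audit script; this is not code from the original messages. It assumes a POSIX sh with ls, find, cut and wc, and takes the jail root path (e.g. /usr/jail) as its argument.

```shell
#!/bin/sh
# Added example, not from the thread: audit a jail root directory.

# jail_root_world_accessible DIR
# Returns 0 when "other" has any permission bit on DIR (the unsafe case:
# any local account can traverse into the jail and execute a setuid file
# that jailed root placed there), 1 when the other bits are clear, as with
# the 770 / group "jail" layout suggested in the reply.
jail_root_world_accessible() {
    # Columns 8-10 of `ls -ld` are the "other" rwx triplet; this avoids the
    # GNU vs BSD differences in stat(1) options.
    other=$(ls -ld "$1" | cut -c8-10) || return 2
    case "$other" in
        ---|--T) return 1 ;;   # no access for others (T = sticky, no x)
        *)       return 0 ;;
    esac
}

# jail_setuid_files DIR
# Lists every setuid or setgid regular file under DIR, one per line.
# Jailed root can create these at will, so a baseline plus alerting on new
# entries is the detection side of the problem described above.
jail_setuid_files() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print
}

# jail_setuid_count DIR -> number of such files, for scripting.
jail_setuid_count() {
    jail_setuid_files "$1" | wc -l | tr -d ' '
}

# audit_jail_root DIR -> prints a short report, returns 0 only when the
# jail root is closed to others AND contains no setuid/setgid files.
audit_jail_root() {
    rc=0
    if jail_root_world_accessible "$1"; then
        echo "UNSAFE: $1 is accessible to users outside the jail group"
        rc=1
    else
        echo "ok: $1 is not accessible to others"
    fi
    n=$(jail_setuid_count "$1")
    if [ "$n" != "0" ]; then
        echo "WARNING: $n setuid/setgid file(s) under $1:"
        jail_setuid_files "$1"
        rc=1
    fi
    return $rc
}

[ -n "$1" ] && audit_jail_root "$1"
```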