From owner-freebsd-security Mon May 15 9:52:24 2000
Delivered-To: freebsd-security@freebsd.org
Received: from falcon.grobin.org (falcon.grobin.org [204.225.173.44])
    by hub.freebsd.org (Postfix) with ESMTP id 32A6237B719
    for ; Mon, 15 May 2000 09:51:55 -0700 (PDT)
    (envelope-from geoff@grobin.org)
Received: by falcon.grobin.org (Postfix, from userid 1000)
    id 01BDA2C4; Mon, 15 May 2000 12:53:42 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
    by falcon.grobin.org (Postfix) with ESMTP id EFB112C2
    for ; Mon, 15 May 2000 12:53:42 -0400 (EDT)
Date: Mon, 15 May 2000 12:53:42 -0400 (EDT)
From: Geoffrey Robinson
To: security@freebsd.org
Subject: Jail: Problems? Proper Usage? Status? Practicality?
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

ver: FreeBSD 4.0-STABLE #0: Sun May 14 11:06:58 EDT 2000

I'm planning to use jail in the near future to do two things. First is
to generally increase the security of a system by putting services like
http, smtp, ftp, etc. into separate jails to decrease the potential harm
of a security hole. This system will only allow shell access to trusted
individuals.

The second plan is to create multiple, virtual servers on another host
system. These virtual servers will allow shell access to semi-trusted
individuals, including the jail root user. Also the jail administrator
could potentially run unsecure services. This second plan is tentative
depending on the reliability of jail.

I have set up a test jail on my workstation with good results. The first
problem I have found is that I can't access the jailed IP at all from
the host system, nor the host system from the jailed one. However both
host and jailed IPs are accessible to other machines on the network. Is
this intentional? The jailed system can access the Internet fine through
my natd setup on the host system (which actually surprised me).
I'm aware that raw sockets are not allowed to jailed processes but is
there a workaround for ping and traceroute?

Finally how secure is jail really? I'm aware of a trivial chroot
breakout technique. Does that hole still exist? Are there any other
known holes? Is jail still under active development? Is it worth the
trouble to do any of this?

Thanks.

------------------------------------------------------------------------------
|                    Geoffrey Robinson - geoff@grobin.org                    |
------------------------------------------------------------------------------
Random Fortune Quote

When you're not looking at it, this fortune is written in FORTRAN.