Date: Tue, 6 Jun 2006 12:42:01 -0400 From: Kris Kennaway <kris@obsecurity.org> To: Kevin Wortman <kevin.wortman@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: PTY's in a FreeBSD Jail Message-ID: <20060606164201.GA4187@xor.obsecurity.org> In-Reply-To: <6bcb65c40606060931s6b35ce3fo238625d6120ecd01@mail.gmail.com> References: <6bcb65c40606060931s6b35ce3fo238625d6120ecd01@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--4Ckj6UjgE2iN1+kY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jun 06, 2006 at 12:31:19PM -0400, Kevin Wortman wrote: > All, >=20 > Sometime ago there was a question posed about the error "Server refused to > allocate pty" when trying to ssh into a freebsd jail. It seemed to be > answered by someone saying that the command "mount_devfs devfs > /your/jail/dir/dev" needed to enter, which in fact does make the jail sta= rt > working. However, it was stated in the same posting that this was not > considered to be secure. >=20 > Hence my question, if this is in fact not secure, how can I get my jail > properly configured in FreeBSD 6.0 without compromising the security of t= he > box? I ask because I have several boxes currently running in my environm= ent > with jails (FreeBSD 4.x) and do not see this command anywhere in the star= tup > scripts yet the jailed environment appears to be working like a champ. >=20 > I am fairly new to the FreeBSD world so please pardon my ignorance, if I > have displayed any. See the jail manpage for how to set up devfs. Kris --4Ckj6UjgE2iN1+kY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEhbBZWry0BWjoQKURAo8pAJ9KvEPc/lolQGz4wNNSCk+pfw4TcwCdHq3D nKhwKkqP6eiQZGslis9IqQg= =XlMo -----END PGP SIGNATURE----- --4Ckj6UjgE2iN1+kY--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060606164201.GA4187>