Date: Thu, 20 Mar 2014 13:36:40 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: d@delphij.net Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>, freebsd-gnats-submit@FreeBSD.org, "secteam@FreeBSD.org" <secteam@FreeBSD.org>, jamie@FreeBSD.org, Nicola Galante <galante@veritas.sao.arizona.edu> Subject: Re: misc/187307: Security vulnerability with FreeBSD Jail Message-ID: <86fvmdrqqv.fsf@nine.des.no> In-Reply-To: <5317B597.5050900@delphij.net> (Xin Li's message of "Wed, 05 Mar 2014 15:39:03 -0800") References: <201403052307.s25N7NoD045308@cgiserv.freebsd.org> <5317B597.5050900@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Xin Li <delphij@delphij.net> writes: > a) you have account on *both* jail and host system. > b) you attempted to log in into jail's IP, which is also bound to host > system; > c) your configuration didn't explicitly specify SSH's listening > address on host, so it's a wildcard (Listen 22 instead of Listen > hostip:22, where you can see in sockstat -4l as *:22 for sshd). > d) when jail is shut down, when you connect to the jail's IP, you > connected into the host. I would like to point out that if you follow the documented procedure for configuring and managing jails, the jail's IP goes away when the jail shuts down. This has been the case since at least 8.x using the old-style rc.conf variables (jail_foo_interface, jail_foo_ip), and it is still the case in 10.0 using the new-style jail.conf. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86fvmdrqqv.fsf>