From owner-freebsd-hackers  Mon Jul 27 14:48:11 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA17263
          for freebsd-hackers-outgoing; Mon, 27 Jul 1998 14:48:11 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from spawn.nectar.com (spawn.nectar.com [204.27.67.86])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA17176
          for <hackers@freebsd.org>; Mon, 27 Jul 1998 14:47:27 -0700 (PDT)
          (envelope-from nectar@spawn.nectar.com)
Received: from localhost.nectar.com ([127.0.0.1] helo=spawn.nectar.com)
	by spawn.nectar.com with esmtp (Exim 1.92 #1)
	id 0z0v6S-0001Lq-00; Mon, 27 Jul 1998 16:46:44 -0500
X-Mailer: exmh version 2.0.2 2/24/98
X-PGP-RSAfprint: 00 F9 E6 A2 C5 4D 0A 76  26 8B 8B 57 73 D0 DE EE
X-PGP-RSAkey: http://www.nectar.com/nectar-pgp262.txt
From: Jacques Vidrine <n@nectar.com>
In-reply-to: <199807271908.MAA23572@usr02.primenet.com> 
References: <199807271908.MAA23572@usr02.primenet.com>
Subject: Re: inetd enhancements 
To: Terry Lambert <tlambert@primenet.com>
cc: hackers@FreeBSD.ORG
Date: Mon, 27 Jul 1998 16:46:44 -0500
Message-Id: <E0z0v6S-0001Lq-00@spawn.nectar.com>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

-----BEGIN PGP SIGNED MESSAGE-----

On 27 July 1998 at 19:08, Terry Lambert <tlambert@primenet.com> wrote:
> I like the idea; I'd like more information on the implementation
> (a 50,000 foot view)...
> > * binding selected services to a particular interface
> Do you so this by adding an "interface list" field?

Yes, where the list length ``n'' is constrained as: 0 <= n <= 1 :-)

Seriously, this shouldn't be tough to add if it is deemed useful.
You can currently accomplish this with multiple definitions of
the service, each with a different interface specified.
 
> > * chroot'ing before exec'ing the service
> Do you run as other-than-root before you do this?  

Yes.  I chroot(), then chdir("/").  setusercontext(),
sigaction(), and execv() are called afterward. 

> Root can escape
> a chroot jail because of the way the chroot root vnode is (in my
> opinion) incorrectly set to NULL instead of the real root for the
> non-chroot case (fixing this would incidently simplify the namei code).
> 
> The "ftpd" case is especially vulnerable...

I don't follow.  Could you give an example scenario of an exploit?

- -- 
Jacques Vidrine <n@nectar.com>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNbz1RDeRhT8JRySpAQGoTQP/e1yzs5UdlVBYyXq3Smh/W1jW8wVWl+2H
sv3dZ7rhxNUzabIoYiK34VdBkMWnNXlGM4bmlL/0Yl4JYHy1Lkpyi//zeLHDAOKd
dYx5kSqA5yNqgF1LW/cMMElA3+0xgZgHkSIi9guMi4VHnZarUOb1ryKTFrAl0yry
cbIebEsL3CM=
=F8Du
-----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message