Date: Mon, 12 Dec 2016 12:01:24 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 215250] jail break under particular circumstance Message-ID: <bug-215250-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215250 Bug ID: 215250 Summary: jail break under particular circumstance Product: Base System Version: 11.0-STABLE Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: simonp@email.it I do not understand if this is really a bug, anyway i am submitting this because i think it could be the top of a more complex "iceberg". How to reproduce: -------------------------------------------------------- jailhost is the host machine thejail is the jailed machine remote#ssh user@thejail // log into the jail from a remote system thejail$su // became superuser into the jail thejail#cd /usr/ports // log into any folder of the jail Now from jailhost move the jail folder into the jailhost hierarchy jailhost#mv /jailz/<thejail>/usr/ports /jailz/ports // !!! Now, from inside thejail thejail#pwd /jailz/ports // !!! logged into the host=20=20=20 thejail#cd .. // you can navigate the host filesystem thejail#pwd / thejail#cd etc thejail#pwd /etc thejail#cat rc.conf // see host file contents=20=20 hostname=3D"jailhost.mydomain" ... thejail#uname -a // while you are inside the jail ... FreeBSD jailhost.mydomain 11.0-RELEASE-p1 ... -------------------------------------------------------- I understand that this is a very particular situation and i don't know if it is an expected behaviour just submitting because it sounds quite unexpected ... Cheers Paolo --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215250-8>