From owner-freebsd-stable@FreeBSD.ORG  Fri Dec 28 12:45:42 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CFC0B16A417
	for <freebsd-stable@freebsd.org>; Fri, 28 Dec 2007 12:45:42 +0000 (UTC)
	(envelope-from johan@stromnet.se)
Received: from core.stromnet.se (core.stromnet.se [83.218.84.131])
	by mx1.freebsd.org (Postfix) with ESMTP id 7E83D13C4CE
	for <freebsd-stable@freebsd.org>; Fri, 28 Dec 2007 12:45:42 +0000 (UTC)
	(envelope-from johan@stromnet.se)
Received: from localhost (unknown [83.218.84.135])
	by core.stromnet.se (Postfix) with ESMTP id 70456D46F37;
	Fri, 28 Dec 2007 13:45:41 +0100 (CET)
X-Virus-Scanned: amavisd-new at stromnet.se
Received: from core.stromnet.se ([83.218.84.131])
	by localhost (core.stromnet.se [83.218.84.135]) (amavisd-new,
	port 10024)
	with ESMTP id WU8MM9HK3zvs; Fri, 28 Dec 2007 13:45:39 +0100 (CET)
Received: from [172.28.1.102] (90-224-172-102-no129.tbcn.telia.com
	[90.224.172.102])
	by core.stromnet.se (Postfix) with ESMTP id 086E8D46405;
	Fri, 28 Dec 2007 13:45:39 +0100 (CET)
In-Reply-To: <20071228124151.GA37323@k7.mavetju>
References: <91064C44-1A41-4FCB-A718-1EF3A63E2273@stromnet.se>
	<20071228124151.GA37323@k7.mavetju>
Mime-Version: 1.0 (Apple Message framework v753)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <6EC90A5A-ECCC-4983-95CE-D82AEE89C289@stromnet.se>
Content-Transfer-Encoding: 7bit
From: =?ISO-8859-1?Q?Johan_Str=F6m?= <johan@stromnet.se>
Date: Fri, 28 Dec 2007 13:44:57 +0100
To: Edwin Groothuis <edwin@mavetju.org>
X-Mailer: Apple Mail (2.753)
Cc: freebsd-stable@freebsd.org
Subject: Re: I just broke out of a FreeBSD jail.. Known bug??
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Dec 2007 12:45:42 -0000

On Dec 28, 2007, at 13:41 , Edwin Groothuis wrote:

> On Fri, Dec 28, 2007 at 01:15:38PM +0100, Johan Str?m wrote:
>> Thats my home dir on core!.. That should very much not be visible
>> there! I have full access now (from the wrong jail!)
>>
>> Known bug or did I just stumble upon something pretty bad??
>
> You didn't really break out of it, the person who managed the machine
> did something he shouldn't have done: Moving the directories while
> the jail(s) were running. It should be mentioned in the BUGS section
> of the jail(8) command.
>

Yes, thats true.. Without "super-root" doing that the "breakout"  
would never happen. But still a bug, so yes I guess it should be  
mentioned in BUGS (and handbook too? not sure where this kind of  
"special features" are noted) unless its fixed.

--
Johan