Date: Sun, 28 Oct 2007 17:00:02 GMT From: "Simon L. Nielsen" <simon@FreeBSD.org> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/117577: rc.d/jail doesn't resolve symlinks Message-ID: <200710281700.l9SH02Ls010154@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/117577; it has been noted by GNATS. From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Johan Granath <nollan@phreaker.net> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: conf/117577: rc.d/jail doesn't resolve symlinks Date: Sun, 28 Oct 2007 17:32:58 +0100 On 2007.10.27 22:17:00 +0000, Johan Granath wrote: > When setting the jail_jailname_rootdir to a path that contains > symlinks, the rc.d/jail script has problems mounting mount_devfs on > that path, obviously. To solve the issue you have to put the > absolute path to that rcvar. This is a known limitation. It sucks but so far nobody has been able to / cared enough to come up with a patch which handles the symlinks in a secure manner. See http://security.freebsd.org/advisories/FreeBSD-SA-07:01.jail.asc for details. > In my opinion th rc.d/jail script should handle this, so I made a patch. There wasn't a patch attached to the PR? -- Simon L. Nielsen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200710281700.l9SH02Ls010154>