Date: Thu, 10 Dec 2015 11:33:58 -0800
Subject: Re: best practice for locking down private jail?
From: Aleksandr Miroslav
To: freebsd-questions@freebsd.org

On Thu, Dec 10, 2015 at 7:02 AM, Steve O'Hara-Smith wrote:
> > I think the cron job isn't needed. Create a directory outside the jails
> > and mount it as nullfs and 'rw' into the upload jail and 'ro' into the
> > web server jail. We do this on a zfs basis.
>
> That works of course, but loses the opportunity to verify the files
> before putting them online.

Exactly. The situation I'm trying to avoid is where someone compromises
the key and credentials of the uploader and is able to access the
"upload" jail. If I sanitize the files before copying them to the "web"
jail, just about the only thing they will be able to do is put up audio
files of the form lecture-001.mp3, lecture-002.mp3, and so on.
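
One way the sanitizing copy step described in this message could look, as an added example that is not code from the thread or its participants. The function names, the three directory arguments and the three-digit filename pattern are assumptions; the content check is a cheap header test, not a full decode.

```sh
#!/bin/sh
# Added example; meant to run on the host, outside both jails.

# Allowlist: exactly lecture-NNN.mp3 (three digits is an assumption).
is_allowed_name() {
    case "$1" in
        lecture-[0-9][0-9][0-9].mp3) return 0 ;;
        *) return 1 ;;
    esac
}

# Header check: an ID3v2 tag ("ID3") or an MPEG audio frame sync
# (0xFF followed by a byte whose top three bits are set).
looks_like_mp3() {
    magic=$(od -An -tx1 -N3 "$1" | tr -d ' \n')
    case "$magic" in
        494433|ff[ef]*) return 0 ;;
        *) return 1 ;;
    esac
}

# publish_uploads UPLOAD_DIR STAGING_DIR WEB_DIR; prints the number published.
publish_uploads() {
    upload=$1 staging=$2 web=$3 count=0
    for src in "$upload"/*; do
        name=${src##*/}
        is_allowed_name "$name" || continue
        # Refuse symlinks and anything that is not a regular file.
        [ -L "$src" ] && continue
        [ -f "$src" ] || continue
        tmp="$staging/$name.$$"
        cp "$src" "$tmp" || continue
        # Validate the staged copy, so the bytes checked are the bytes published.
        if looks_like_mp3 "$tmp"; then
            chmod 0444 "$tmp"
            mv -f "$tmp" "$web/$name" && count=$((count + 1))
        else
            rm -f "$tmp"
        fi
    done
    echo "$count"
}

# Cron entry point: only runs when all three directories are given.
if [ "$#" -eq 3 ]; then
    publish_uploads "$1" "$2" "$3"
fi
```

Keep the staging directory outside both jails and on the same filesystem as the web directory, so the final mv is a rename and a half-copied file never appears under the web root.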