Date: Thu, 6 Sep 2001 23:57:20 +0200 (CEST) From: Oliver Fromme <olli@secnetix.de> To: freebsd-stable@FreeBSD.ORG Subject: pkg_add doesn't work in jail Message-ID: <200109062157.XAA77063@lurza.secnetix.de>
next in thread | raw e-mail | index | archive | help
Hi, On a 4-stable box, I can't seem to use pkg_add within a jail. # pwd /tmp # ls *.tgz zsh-3.0.8.tar.gz # pkg_add *.tgz can't stat package file '/usr/jail/000/tmp/zsh-3.0.8.tar.gz' I think I've tracked it down to the __getcwd() syscall, which seems to return the absolute path without caring about the jail root. This is bad. In fact, it could be regarded as a security problem, because nothing in userland should be able to actually see the jail root. As a workaround, ``sysctl debug.disablecwd'' seems to work. It disables the syscall, then the getcwd() function in libc traverses the directories back to "/" itself to build the path. pkg_add works fine now. Can someone confirm my above analysis? Should I submit a PR? Unfortunately, I don't have a real fix. I didn't have a closer look at the __getcwd() code, but it seems pretty non-trivial to fix. Regards Oliver -- Oliver Fromme, secnetix GmbH & Co KG, Oettingenstr. 2, 80538 München Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "All that we see or seem is just a dream within a dream" (E. A. Poe) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109062157.XAA77063>