Date: Fri, 27 Sep 2002 17:34:05 -0300 (ADT) From: "Marc G. Fournier" <scrappy@hub.org> To: Martin Matuska <matuska@wu-wien.ac.at> Cc: freebsd-hackers@FreeBSD.org Subject: Re: Security of a JAIL UDP patch Message-ID: <20020927173350.F16327-100000@hub.org> In-Reply-To: <000701c26547$9a44d1c0$0200a8c0@martin>
next in thread | previous in thread | raw e-mail | index | archive | help
Ummmm, named currently does work within a jail ... I run several at the
moment ...
On Thu, 26 Sep 2002, Martin Matuska wrote:
> I would like to ask which aspects has this patch on security of a jailed
> environment.
> This patch enables the use of named or ircd in jails.
>
> --- in_pcb.c.old Mon Mar 18 23:57:57 2002
> +++ in_pcb.c Tue Mar 19 09:52:45 2002
> @@ -501,6 +501,8 @@
> int error;
>
> if (inp->inp_laddr.s_addr == INADDR_ANY && p->p_prison != NULL) {
> + if (inp->inp_lport != 0)
> + inp->inp_laddr.s_addr = htonl(p->p_prison->pr_ip);
> bzero(&sa, sizeof (sa));
> sa.sin_addr.s_addr = htonl(p->p_prison->pr_ip);
> sa.sin_len=sizeof (sa);
>
> Patch author was Lamont Granquist lamont@scriptkiddie.org
> Reference:
> http://www.freebsd.org/cgi/getmsg.cgi?fetch=393634+395986+/usr/local/www/db/
> text/2002/freebsd-stable/20020331.freebsd-stable
>
> Thank you very much
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020927173350.F16327-100000>