Date: Sun, 8 May 2011 09:15:28 +0700 From: Edho P Arief <edhoprima@gmail.com> To: Jamie Landeg Jones <jamie@bishopston.net> Cc: freebsd-security@freebsd.org, feld@feld.me, utisoft@gmail.com Subject: =?utf-8?q?Re=3A_Rooting_FreeBSD_=2C_Privilege_Escalation_using_J?= =?utf-8?b?YWlscyAoUMOvwr/CvXR1cik=?= Message-ID: <BANLkTikgnqXB4pdvCd9j9n7pFvg=n5FrdQ@mail.gmail.com> In-Reply-To: <201105072231.p47MVktY035491@catflap.bishopston.net> References: <4DC40E21.6040503@gmail.com> <4DC4102E.8000700@gmail.com> <op.vu2g4b0k34t2sn@tech304> <BANLkTikJgPt4SM_B_7drpgFvO8RkvXaOtw@mail.gmail.com> <201105072231.p47MVktY035491@catflap.bishopston.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 8, 2011 at 5:31 AM, Jamie Landeg Jones <jamie@bishopston.net> wrote: >> All the same, I've sent a PR [1] with some doc patches to make people >> more aware of this -- fulfilling my promise of 2+ years ago :S >> >> Thanks! >> >> Chris >> >> [1] http://www.freebsd.org/cgi/query-pr.cgi?pr=156853 > > Um. Some problems here. > > A jail won't work for not-root users if the jail root directory is chmod 700 - although > there is obviously a 'chroot' running withing the jail, the jailed user still needs > to have read permission from the hosts / -- chmod 700 therefore locks all non-root > users out. > It's weird - I don't remember having such problem after setting jails' root directory permission to 700. I don't have the system anymore so I can't verify it just yet.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BANLkTikgnqXB4pdvCd9j9n7pFvg=n5FrdQ>