From: Edho P Arief
Date: Sun, 8 May 2011 14:55:55 +0700
To: Jason Hellenthal
Cc: Jamie Landeg Jones, freebsd-security@freebsd.org, feld@feld.me, utisoft@gmail.com
Subject: Re: Rooting FreeBSD , Privilege Escalation using Jails (P??????tur)

On Sun, May 8, 2011 at 2:52 PM, Jason Hellenthal wrote:
>
> Edho,
>
> It should also be noted here that the jailed root user also has permission
> to chmod(1) '/' to anything he or she wants unless you have taken
> precaution to not allow that. I would recommend storing your jails two
> levels deep into a directory and chmod(1) 700 the first level to prevent
> access from the host and from the jailed root user changing the perms.
>

I indeed changed the permission above the jail's root. I usually make it like this:

/jails/jailname/root

and I set 700 on /jails/jailname.

It's been a long time but as I said before I don't remember encountering a permission problem in the jail. Or perhaps I remembered it wrong.
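
The layout described in this message, as an added example that is not part of the original post: a POSIX shell audit that checks that every `<base>/<jailname>` container directory is mode 700 and holds a `root` directory. The function names and the OK/WEAK/NOROOT labels are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the two-level jail layout <base>/<jailname>/root,
# where <base>/<jailname> is expected to be mode 700 (host side).

# Print the 10-character permission string of a directory, e.g. "drwx------".
# ls -ld is used because stat(1) flags differ between FreeBSD and GNU.
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# audit_jails BASE
# Prints one line per jail container found under BASE:
#   OK <name>             container is 700 and has a root/ directory
#   WEAK <name> <perms>   container is not exactly rwx------
#   NOROOT <name>         container has no root/ directory
# Returns 0 when every container is OK, 1 otherwise.
audit_jails() {
    base=$1
    rc=0
    for container in "$base"/*/; do
        [ -d "$container" ] || continue      # glob matched nothing
        container=${container%/}
        name=${container##*/}
        if [ ! -d "$container/root" ]; then
            echo "NOROOT $name"
            rc=1
            continue
        fi
        perms=$(perm_string "$container")
        if [ "$perms" = "drwx------" ]; then
            echo "OK $name"
        else
            # The jailed root can chmod its own '/', which is
            # <base>/<name>/root on the host. Only the container directory
            # above it is outside the jail's reach, so that is what we check.
            echo "WEAK $name $perms"
            rc=1
        fi
    done
    return $rc
}

# Stand-alone use: sh audit.sh /jails
if [ $# -gt 0 ]; then
    audit_jails "$1"
fi
```
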