Date: Mon, 17 Jul 2000 12:00:46 -0700 From: Julian Elischer <julian@elischer.org> To: Warner Losh <imp@village.org> Cc: Brian Fundakowski Feldman <green@FreeBSD.org>, freebsd-arch@FreeBSD.org Subject: Re: SysctlFS Message-ID: <397357DE.2781E494@elischer.org> References: <Pine.BSF.4.21.0007160327310.82825-100000@green.dyndns.org> <200007160740.BAA51827@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote:
>
>
> But this sort of thing is potentially worse. If you can follow the
> symlink out of jail, can you use it to get to other files?
>
> The only way that device nodes exist in the jail now is if the jailors
> create them for the Jail. Ditto with mount points. Ditto with this.
>
> I'm sure that any sort of automatic adding of device nodes to a
> jail'd process' space is wrong by default. All things that aren't
> explicitly permitted are forbidden.
> : > Why bother with a symlink? Why not have a reference to the real
> : > dev_t?
> :
> : The dev_t of what, exactly?
>
> The device that the jailed process can access. Right now we put the
> dev_t in the hierarchy of the jailed process, which is the userland
> dev_t. With a devfs implementation, you could put the kerneland dev_t
> into the filesystem generally. If you do that, then you'll need to do
> that in jail as well. If you don't, mknod is suffient for jailed
> processes, plus maybe with a major number lookup routine (kernel, tell
> me what the major number for wd).
See my other email onn this topic..
I don;t propose Symlinks.. that would eba security whole.
I propose a SYMLINK_LIKE MECHANISM to replace major numbers
in normal cdev nodes created within the filesystem, that
reflect into the device namespace.
>
> Warner
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-arch" in the body of the message
--
__--_|\ Julian Elischer
/ \ julian@elischer.org
( OZ ) World tour 2000
;_.---._/ presently in: Budapest
v
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397357DE.2781E494>