Date: Tue, 9 Jul 2019 01:12:18 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Yuri <yuri@rawbw.com>, Freebsd hackers list <freebsd-hackers@FreeBSD.org> Subject: Re: What is the best way for the process to determine that it runs in jail? Message-ID: <aa64d090-40c5-2e31-6ca0-e065fa8cc58a@grosbein.net> In-Reply-To: <bafb7230-6e18-39d6-3ba4-ec3f7fac1cb1@rawbw.com> References: <bafb7230-6e18-39d6-3ba4-ec3f7fac1cb1@rawbw.com>
next in thread | previous in thread | raw e-mail | index | archive | help
07.07.2019 7:43, Yuri wrote: > I found online that it is possible to stat the root folder and find its inode number. > > The inode number is 2 when the root is on UFS, and 4 if the root is on ZFS. > > This looks pretty hackish to me. Is this reliable? > > Is there a better/best way? We have check_jail subroutine in the /etc/rc.subr that is supposed to be called with single "jailed" argument so it just checks if sysctl security.jail.jailed exists and set to 1. We have sysctlbyname(3) function of out libc to do same in C.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?aa64d090-40c5-2e31-6ca0-e065fa8cc58a>