Date: Thu, 28 Jul 2011 19:31:14 -0400
From: Jason Hellenthal <jhell@DataIX.net>
To: Robert Watson <rwatson@freebsd.org>
Cc: Glen Barber <gjb@freebsd.org>, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-8@freebsd.org, svn-src-stable@freebsd.org
Subject: Re: svn commit: r224462 - stable/8/usr.sbin/jail
Message-ID: <20110728233114.GA37774@DataIX.net>
In-Reply-To: <alpine.BSF.2.00.1107281039110.30580@fledge.watson.org>
References: <201107270156.p6R1uquD035835@svn.freebsd.org> <20110728021914.GA55550@DataIX.net> <4E30CEEB.107@FreeBSD.org> <alpine.BSF.2.00.1107281039110.30580@fledge.watson.org>

On Thu, Jul 28, 2011 at 10:40:19AM +0100, Robert Watson wrote:
>
> On Wed, 27 Jul 2011, Glen Barber wrote:
>
> >> How is either one of these different ?
> >>
> >> All mv(1) is doing is a cp(1) & rm(1). In either case the filehandle is
> >> still broken and a process is not going to just get up and move with it. On
> >> the other side though if you copied a pipe or socket or something similar
> >> for example into a jail then it might make whatever is outside available to
> >> the jailed environment.
> >>
> >> Is there something I am misunderstanding about this ? has the way cp(1),
> >> rm(1) & mv(1) been changed recently ? or is this wording a little off ?
> >
> > The text in the example is just an example of a situation where it may be
> > possible for a process within a jail(8) to gain filesystem access outside of
> > the jail(8).
>
> I wonder, if on these grounds, we should actually advise administrators that
> it is a more robust configuration, both in terms of managing free space and
> avoiding potential escape paths, to put each jail in its own file system.
> Lots of people do this anyway, and as recommendations go, it's not a bad one.
> We can then caution that if you *don't* do this, then you need to be careful
> about the mv issue.
>

That sounds like a perfectly sane idea.
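The recommendation quoted in this message, one file system per jail, can be audited on a host. The script below is an added example, not part of the thread or of FreeBSD; the function name and the jail root paths passed to it are assumptions, and it reports every jail root that is not a mount point or that sits on the same file system as another jail.

```python
"""Audit jail roots: is each one on its own file system? (added example)"""
import os
import sys


def audit_jail_roots(paths, stat=os.stat):
    """Return {path: [reasons]} for jail roots that share a file system.

    A directory is treated as a mount point when its st_dev differs from
    its parent's, the same heuristic os.path.ismount() uses.
    """
    findings = {}
    first_on_dev = {}  # st_dev -> first jail root seen on that device
    for path in paths:
        root = os.path.realpath(path)
        dev = stat(root).st_dev
        parent_dev = stat(os.path.dirname(root)).st_dev
        reasons = []
        if dev == parent_dev:
            # No file system boundary separates this jail from the
            # directory above it.
            reasons.append("same file system as parent directory")
        if dev in first_on_dev:
            reasons.append(f"shares a file system with {first_on_dev[dev]}")
        else:
            first_on_dev[dev] = root
        if reasons:
            findings[path] = reasons
    return findings


if __name__ == "__main__":
    # Jail root paths come from the command line, e.g. /usr/jails/www
    # (a hypothetical path, not one named in the thread).
    results = audit_jail_roots(sys.argv[1:])
    for jail, reasons in results.items():
        print(f"{jail}: " + "; ".join(reasons))
    sys.exit(1 if results else 0)
```

The exit status is non-zero when any jail root is flagged, so the check can run from a periodic job.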