Date: Thu, 14 Jul 2005 18:52:51 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Avleen Vig <lists-freebsd@silverwraith.com> Cc: freebsd-security@freebsd.org Subject: Re: [ronvdaal@zarathustra.linux666.com: Possible security issue with FreeBSD 5.4 jailing and BPF] Message-ID: <20050714165250.GA972@zaphod.nitro.dk> In-Reply-To: <20050714162656.GH11612@silverwraith.com> References: <20050714162656.GH11612@silverwraith.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--a8Wt8u1KmwUX3Y2C Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2005.07.14 09:26:56 -0700, Avleen Vig wrote: > This message was sent to bugtraq today: Please see the thread on full-disclosure as to why this is not an issue. http://lists.grok.org.uk/pipermail/full-disclosure/2005-July/035036.html Unfortunately the poster sent separate mails to full-disclosure and bugtraq, so the followups where only set to full-disclosure (since we saw the mail first there). > While playing around with FreeBSD 5.4 and jailing I discovered that it was > possible to put an ethernet interface into promiscious mode from within t= he > jailed environment, allowing a packetsniffer to gather data not meant for > the jailed box. This also affects FreeBSD 5.3 (tested) but not FreeBSD 4.= x=20 > This can be reproduced on boxes where BPF support is enabled in the kerne= l=20 > and a BPF device is available in the jail (badly configured devfs/no rule= s) [...] --=20 Simon L. Nielsen --a8Wt8u1KmwUX3Y2C Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC1phih9pcDSc1mlERArK8AKCyjLnHW4VZ/1e2lOv2dcuQp8QNYgCgsBzl D9EMAVDLnjkIlvqxD/V61Mk= =GDb9 -----END PGP SIGNATURE----- --a8Wt8u1KmwUX3Y2C--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050714165250.GA972>