From owner-freebsd-security Mon Jan 31 9:47:50 2000 Delivered-To: freebsd-security@freebsd.org Received: from adm.sci-nnov.ru (adm.sci-nnov.ru [195.122.226.2]) by hub.freebsd.org (Postfix) with ESMTP id B50C814D1C for ; Mon, 31 Jan 2000 09:47:40 -0800 (PST) (envelope-from vlad@sandy.ru) Received: from anonymous.sandy.ru (anonymous.sandy.ru [195.122.226.40]) by adm.sci-nnov.ru (8.9.3/Dmiter-4.1) with ESMTP id UAA69461; Mon, 31 Jan 2000 20:42:09 +0300 (MSK) Date: Mon, 31 Jan 2000 20:42:12 +0300 From: Vladimir Dubrovin X-Mailer: The Bat! (v1.36) S/N D33CD428 Reply-To: Vladimir Dubrovin Organization: Sandy Info X-Priority: 3 (Normal) Message-ID: <8862.000131@sandy.ru> To: Dmitry Valdov Cc: security@freebsd.org Subject: Re: jail.. In-reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello Dmitry Valdov, 31.01.00 3:05, you wrote: jail..; D> Hello! D> It is possible to take root on entire machine if someone has an account on D> it an root under jail. D> for example, we're running jail with chroot to /usr/jail. Someone have root D> in chroot'ed environment. D> So, he can create setuid shell in /usr/jail. D> But if he have normail account on machine, he can run it from /usr/jail and D> take root on entire machine. D> chmod /usr/jail doesn't help because chrooted / cannot be read by anyone :( This problems appears only if local users should be allowed to access /usr/jail. Otherwise you can use group "jail" instead of user "jail" ang give 770 permissions for /usr/jail. Include jailed (and only jailed) users and root into this group. D> I think that the right solution is to make directory for chroot under 700's D> directory. Should it be documented in jail man page? D> Dmitry. +=-=-=-=-=-=-=-=-=+ |Vladimir Dubrovin| | Sandy Info, ISP | +=-=-=-=-=-=-=-=-=+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message