From owner-freebsd-security@FreeBSD.ORG Fri May 6 15:37:43 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D3A741065679 for ; Fri, 6 May 2011 15:37:43 +0000 (UTC) (envelope-from daniel.jacobsson.90@gmail.com) Received: from mail-ey0-f182.google.com (mail-ey0-f182.google.com [209.85.215.182]) by mx1.freebsd.org (Postfix) with ESMTP id 5B7798FC14 for ; Fri, 6 May 2011 15:37:42 +0000 (UTC) Received: by eyg7 with SMTP id 7so1291797eyg.13 for ; Fri, 06 May 2011 08:37:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:content-type:content-transfer-encoding; bh=19r/w2xR2WflbcZ0XD5QQk/rfCJwLyvVAuNsLcQA0ao=; b=hGRY1z40uWtxrUtl09pKAEYjWfbyXDx5G3VhFSv9OaOpdfgy+KSV0lojDU1ylgCqnN K5SRviwXYrmgHKbg/TQ0g5UyjAAU2TsferAyHGoUm8X0ywCGROijmonyk5ubie1M6gnB ClFEMF9WkLjE0yj2cr1gmW5qiWbk1SwHStO4I= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=k6Jw5WE3XmaFghXnerz0UcnLUXI+yrvfk7E+jRxRUo3W72wC/7jEkqPq3ZXFABmizz 0AdBynuiI5tSppgc+vFrtRnL7t5QwWslp2hnCqpgA8R2iLfqSwhaXTEuJEvTr4I9zURo a6Mt8q8tvKe7RSQAt7zhVGteypqeWMLTRvJ6Q= Received: by 10.213.7.2 with SMTP id b2mr1038134ebb.28.1304694473495; Fri, 06 May 2011 08:07:53 -0700 (PDT) Received: from [192.168.2.7] (toad.gitty.se [193.11.160.171]) by mx.google.com with ESMTPS id z1sm1425983eeb.7.2011.05.06.08.07.51 (version=SSLv3 cipher=OTHER); Fri, 06 May 2011 08:07:52 -0700 (PDT) Message-ID: <4DC40E21.6040503@gmail.com> Date: Fri, 06 May 2011 17:05:05 +0200 From: Daniel Jacobsson User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; sv-SE; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Fri, 06 May 2011 16:01:07 +0000 Subject: =?iso-8859-1?q?Rooting_FreeBSD_=2C_Privilege_Escalation_using_Ja?= =?iso-8859-1?q?ils_=28P=E9tur=29?= X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 May 2011 15:37:43 -0000 I read this (http://www.petur.eu/blog/?p=459) blog post today. It's about that a remote user with root privilegs to a FreeBSD jail & user privileges to the jails host machine can obtain root privileges on the host machine. Can someone confirm if this bugg/exploit works?