Date: Thu, 3 Mar 2005 18:14:56 -0500 From: Anish Mistry <mistry.7@osu.edu> To: Ean Kingston <ean@hedron.org> Cc: Chris Hodgins <chodgins@cis.strath.ac.uk> Subject: Re: Sharing directories with jails Message-ID: <200503031815.04158.mistry.7@osu.edu> In-Reply-To: <4011.216.220.59.169.1109888589.squirrel@216.220.59.169> References: <4227164D.3050103@cis.strath.ac.uk> <200503031316.56083.mistry.7@osu.edu> <4011.216.220.59.169.1109888589.squirrel@216.220.59.169>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart10079835.7YT7haUBNq Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 03 March 2005 05:23 pm, Ean Kingston wrote: > > On Thursday 03 March 2005 12:42 pm, Chris Hodgins wrote: > > [cut original question and answer] > > >> Ok perhaps I should clarify what my intentions are a little > >> more. I am planning on providing a FreeBSD jail for any member > >> of a geek society I am a member of. When I say they are > >> untrusted, I mean that I won't be giving them full root access > >> to my server but I trust them enough not to do anything > >> malicious inside a jail. It is just like a fun place they can > >> play and not have to worry to much about breaking things. > >> > >> How easy is it exactly to break out of a jail if you have access > >> to development tools? > > > > http://www.securiteam.com/unixfocus/5WP031535U.html > > How current is this? The article appears to be dated 2001. Are > there still buffer-overflow issues with /proc? > 5.3 and later no longer need proc and it's not mounted by default. > > If you use securelevels you can a sigificantly improve security. =2D-=20 Anish Mistry --nextPart10079835.7YT7haUBNq Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCJ5p4xqA5ziudZT0RAnQKAJwMVpV0p9W45gk2aGHhZ789Fg+w3ACcCQ+y xMS7duMm1LokEohKvMxHKmU= =l/1q -----END PGP SIGNATURE----- --nextPart10079835.7YT7haUBNq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503031815.04158.mistry.7>