From: Brett Glass
To: Nigel Houghton
cc: freebsd-security@freebsd.org
Date: Mon, 20 Dec 2004 19:30:00 -0700
Subject: Re: chroot-ing users coming in via SSH and/or SFTP?

At 03:19 PM 12/20/2004, Nigel Houghton wrote:

>Take a look at the Jail project, you'll find it here...
>
> http://www.jmcresearch.com/projects/jail/
>
>..and in ports/sysutils/ along with some other jail tools, it may
>provide some of the features you are looking for.

Looks useful. (Shame it's GPLed.)

In any case, it seems to me that creation of a jail the way this tool does it (and the way most people have to do it in general) requires a lot of redundant copies of files. Wouldn't it be neat if there were a type of link (not quite soft, not quite hard; call it "firm") that would let you link to the current master copies of executables (rather than copying them) but not let the inmates out of their jails? Hard links have the disadvantage that they're broken when you upgrade an executable; soft links can't be used because, well, you're in a jail. The type of link I have in mind would be symbolic but resolved by the system behind the scenes; from inside the jail it wouldn't look like a link.

--Brett
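
The hard-link and soft-link trade-off described in the message above, as an added shell demonstration that is not part of the original post. The scratch layout, file names and contents are constructed, and the chroot is simulated by resolving the symlink target under the jail root, so no root privileges are assumed.

```shell
#!/bin/sh
# Constructed scratch layout: $DEMO/master holds the system copy and
# $DEMO/jail stands in for the jail root. All names are made up.

inode() { ls -i "$1" | awk '{print $1}'; }

demo_setup() {
    DEMO=$(mktemp -d) || return 1
    trap 'rm -rf "$DEMO"' EXIT
    mkdir -p "$DEMO/master/bin" "$DEMO/jail/bin"
    echo 'tool v1' > "$DEMO/master/bin/tool"
    ln "$DEMO/master/bin/tool" "$DEMO/jail/bin/tool.hard"   # hard link into the jail
    ln -s /master/bin/tool "$DEMO/jail/bin/tool.soft"       # absolute symlink
}

# Upgrade by replacing the file (new inode), not by overwriting it in place.
upgrade_master() {
    echo 'tool v2' > "$DEMO/master/bin/tool.new"
    mv -f "$DEMO/master/bin/tool.new" "$DEMO/master/bin/tool"
}

# Prints "yes" while the jail's hard link and the master are the same file.
hard_link_shared() {
    if [ "$(inode "$DEMO/master/bin/tool")" = "$(inode "$DEMO/jail/bin/tool.hard")" ]
    then echo yes; else echo no; fi
}

# Resolve the symlink the way a process chrooted to $DEMO/jail would:
# an absolute target is looked up under the jail root, not the real root.
soft_link_in_jail() {
    target=$(readlink "$DEMO/jail/bin/tool.soft")
    if [ -e "$DEMO/jail$target" ]; then echo resolves; else echo dangling; fi
}

demo_setup
SHARED_BEFORE=$(hard_link_shared)
echo "before upgrade: shared=$SHARED_BEFORE jail copy: $(cat "$DEMO/jail/bin/tool.hard")"
upgrade_master
echo "after upgrade:  shared=$(hard_link_shared) jail copy: $(cat "$DEMO/jail/bin/tool.hard")"
echo "symlink seen from inside the jail: $(soft_link_in_jail)"
```

After the upgrade the jail still holds the old inode, so a security fix applied to the master copy does not reach the jailed binary until the link is recreated.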