Date: Fri, 16 Apr 2010 04:20:26 -0600 From: "Erich Jenkins, Fuujin Group Ltd" <erich@fuujingroup.com> To: glarkin@FreeBSD.org Cc: freebsd-bugs@freebsd.org, freebsd-jail@freebsd.org, smithi@nimnet.asn.au Subject: Re: jail file and directory permissions Message-ID: <4BC839EA.30307@fuujingroup.com> In-Reply-To: <4BC7C33B.9000107@FreeBSD.org> References: <4BC2C578.9080108@fuujingroup.com> <i2l8250ac3f1004120043ga734bbe0s952dda5712ea38a5@mail.gmail.com> <4BC2E662.1050007@fuujingroup.com> <4BC31B31.6060201@FreeBSD.org> <4BC3A948.7010601@fuujingroup.com> <4BC4C91D.7020107@fuujingroup.com> <4BC7C33B.9000107@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Greg Larkin wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Erich Jenkins, Fuujin Group Ltd wrote: >> Erich Jenkins, Fuujin Group Ltd wrote: >>> Greg Larkin wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Erich Jenkins, Fuujin Group Ltd wrote: >>>>> Kalle Møller wrote: >>>>> <snip> >>>>>> Could you please make a command list on what your doing and with >>>>>> output.. like this ... >>>>>> >>>>>> -- >> <snip> > > Hi Erich, > > I'm glad to hear that you got everything sorted out! If it's possible > to set up the previous environment in a virtual machine or some spare > hardware and grant me an ssh login, I would be interested in doing more > tests to see if I can figure out what's going on. > > Whether there's a bug in the jail subsystem or a hole in the > provisioning process that allows the privilege escalation, it would > certainly be good to find the root cause. > > Thank you, > Greg > - -- > Greg Larkin > > http://www.FreeBSD.org/ - The Power To Serve > http://www.sourcehosting.net/ - Ready. Set. Code. > http://twitter.com/sourcehosting/ - Follow me, follow you > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iD8DBQFLx8M70sRouByUApARAnpwAJ0f2+XC2hwTSrkO/v8DUPXpchdHygCeMWc0 > M4E6SOz8kPRJYdwTXOkF2lY= > =z7l7 > -----END PGP SIGNATURE----- > Greg: I'd be happy to get this set up in the lab for you to look at, but at the moment, all of our lab machines are in use (I rolled this box over to a community project after buildworld "cleaned" it up). I try to provide hardware resources to FreeBSD committers and developers hunting down problems, and at the moment, I'm at the limit, there's no hardware left. As soon as something becomes available, I'll drop you a line and get this onto a test server. Generally, I create a VRF for each test environment with outside access via ssh and an internet connection for fetching whatever may be necessary (most often 10mbps). OpenVPN access is also available depending on what the committer/developer wants. Thank you again for your interest in this anomaly (for lack of a better description). I'll get something up for you as soon as a box becomes available. Any preference on platform (considering this did not seem to be platform dependent)? I can do sparc64, amd64/x86-64, itanium2, and i386/x86-32. The environment I'm experiencing the problem in is x86-32, and I think someone is almost done with a DL580-G3, so I can roll that out when it becomes available. Erich M. Jenkins Fuujin Group Limited "You should never, never doubt what no one is sure about." -- Gene Wilder
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BC839EA.30307>