Date: Tue, 4 Feb 2014 10:41:57 +0000 From: "Robert N. M. Watson" <rwatson@FreeBSD.org> To: Ivan Voras <ivoras@freebsd.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, Gleb Smirnoff <glebius@freebsd.org>, James Gritton <jamie@freebsd.org>, svn-src-head@freebsd.org, Alexander Leidinger <Alexander@leidinger.net> Subject: Re: svn commit: r261266 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail Message-ID: <AB6C4677-A9F5-4EE3-B064-D28BEC2AC447@FreeBSD.org> In-Reply-To: <CAF-QHFWa5RCo61955M2JQhJtT-JMfyCga2HAV%2BNaefXQJCZRcg@mail.gmail.com> References: <201401291341.s0TDfDcB068211@svn.freebsd.org> <20140129134344.GW66160@FreeBSD.org> <52E906CD.9050202@freebsd.org> <20140129222210.0000711f@unknown> <alpine.BSF.2.00.1401311231490.36707@fledge.watson.org> <52EBDD42.4020702@freebsd.org> <CAF-QHFWa5RCo61955M2JQhJtT-JMfyCga2HAV%2BNaefXQJCZRcg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 4 Feb 2014, at 10:05, Ivan Voras <ivoras@freebsd.org> wrote: > On 31 January 2014 18:28, James Gritton <jamie@freebsd.org> wrote: >> On 1/31/2014 5:34 AM, Robert Watson wrote: >=20 >>> Frankly, I'd like to see this backed out and not reintroduced. If = it must >>> be retained, then it needs a much more clear warning that enabling = this >>> feature disables Jail's security model. Don't use the word = 'obviate', >>> instead explicitly state that root within the jail can escape the = jail. >>=20 >> I'll do at least the next-best thing: back it out and hope to = re-introduce >> it. Clearly it could use some further discussion. >=20 > How about outputting both a kernel (i.e. logged) and userland messages > when the jail is created (or the parameter is changed, if it can?) > which say something like "DANGER! The root within this jail (jid=3D%d) > can escape the jail" or something like it? That seems reasonably loud. At the very least, we need a more clear structuring and presentation of = "insecure" options in the jail man page. E.g., a dedicated section for = options that may have serious security consequences and a nice = introduction to the section contextualising those concerns. Robert=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AB6C4677-A9F5-4EE3-B064-D28BEC2AC447>