From owner-freebsd-hackers  Fri Sep 27 13:34:11 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1957C37B401
	for <freebsd-hackers@FreeBSD.org>; Fri, 27 Sep 2002 13:34:10 -0700 (PDT)
Received: from hub.org (hub.org [64.49.215.141])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CD0F743E42
	for <freebsd-hackers@FreeBSD.org>; Fri, 27 Sep 2002 13:34:09 -0700 (PDT)
	(envelope-from scrappy@hub.org)
Received: from hub.org (hub.org [64.49.215.141])
	by hub.org (Postfix) with ESMTP
	id 81DF38A4418; Fri, 27 Sep 2002 17:34:05 -0300 (ADT)
Date: Fri, 27 Sep 2002 17:34:05 -0300 (ADT)
From: "Marc G. Fournier" <scrappy@hub.org>
To: Martin Matuska <matuska@wu-wien.ac.at>
Cc: freebsd-hackers@FreeBSD.org
Subject: Re: Security of a JAIL UDP patch
In-Reply-To: <000701c26547$9a44d1c0$0200a8c0@martin>
Message-ID: <20020927173350.F16327-100000@hub.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG


Ummmm, named currently does work within a jail ... I run several at the
moment ...


On Thu, 26 Sep 2002, Martin Matuska wrote:

> I would like to ask which aspects has this patch on security of a jailed
> environment.
> This patch enables the use of named or ircd in jails.
>
> --- in_pcb.c.old	Mon Mar 18 23:57:57 2002
> +++ in_pcb.c	Tue Mar 19 09:52:45 2002
> @@ -501,6 +501,8 @@
>  	int error;
>
>  	if (inp->inp_laddr.s_addr == INADDR_ANY && p->p_prison != NULL) {
> +		if (inp->inp_lport != 0)
> +			inp->inp_laddr.s_addr = htonl(p->p_prison->pr_ip);
>  		bzero(&sa, sizeof (sa));
>  		sa.sin_addr.s_addr = htonl(p->p_prison->pr_ip);
>  		sa.sin_len=sizeof (sa);
>
> Patch author was Lamont Granquist lamont@scriptkiddie.org
> Reference:
> http://www.freebsd.org/cgi/getmsg.cgi?fetch=393634+395986+/usr/local/www/db/
> text/2002/freebsd-stable/20020331.freebsd-stable
>
> Thank you very much
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message