From owner-freebsd-hackers Fri Sep 27 13:34:11 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1957C37B401 for ; Fri, 27 Sep 2002 13:34:10 -0700 (PDT) Received: from hub.org (hub.org [64.49.215.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD0F743E42 for ; Fri, 27 Sep 2002 13:34:09 -0700 (PDT) (envelope-from scrappy@hub.org) Received: from hub.org (hub.org [64.49.215.141]) by hub.org (Postfix) with ESMTP id 81DF38A4418; Fri, 27 Sep 2002 17:34:05 -0300 (ADT) Date: Fri, 27 Sep 2002 17:34:05 -0300 (ADT) From: "Marc G. Fournier" To: Martin Matuska Cc: freebsd-hackers@FreeBSD.org Subject: Re: Security of a JAIL UDP patch In-Reply-To: <000701c26547$9a44d1c0$0200a8c0@martin> Message-ID: <20020927173350.F16327-100000@hub.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Ummmm, named currently does work within a jail ... I run several at the moment ... On Thu, 26 Sep 2002, Martin Matuska wrote: > I would like to ask which aspects has this patch on security of a jailed > environment. > This patch enables the use of named or ircd in jails. > > --- in_pcb.c.old Mon Mar 18 23:57:57 2002 > +++ in_pcb.c Tue Mar 19 09:52:45 2002 > @@ -501,6 +501,8 @@ > int error; > > if (inp->inp_laddr.s_addr == INADDR_ANY && p->p_prison != NULL) { > + if (inp->inp_lport != 0) > + inp->inp_laddr.s_addr = htonl(p->p_prison->pr_ip); > bzero(&sa, sizeof (sa)); > sa.sin_addr.s_addr = htonl(p->p_prison->pr_ip); > sa.sin_len=sizeof (sa); > > Patch author was Lamont Granquist lamont@scriptkiddie.org > Reference: > http://www.freebsd.org/cgi/getmsg.cgi?fetch=393634+395986+/usr/local/www/db/ > text/2002/freebsd-stable/20020331.freebsd-stable > > Thank you very much > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message